fix(mcp): validate file path in browser_set_storage_state tool

[yury-s]

Summary

• browser_set_storage_state was passing the LLM-supplied filename directly to browserContext.setStorageState() without any path validation, allowing reads from arbitrary paths outside the workspace
• Fix resolves the filename through response.resolveClientFilename() which enforces the same checkFile() containment check used by all other file-access tools

[github-actions]

Test results for "tests 1"

1 failed
❌ [playwright-test] › ui-mode-test-network-tab.spec.ts:397 › should not preserve selection across test runs @macos-latest-node20

5 flaky

⚠️ [chromium-library] › library/video.spec.ts:358 › screencast › should capture navigation `@chromium-ubuntu-22.04-arm-node20`
⚠️ [chromium-library] › library/trace-viewer.spec.ts:1223 › should display language-specific locators `@chromium-ubuntu-22.04-node20`
⚠️ [firefox-library] › library/inspector/cli-codegen-1.spec.ts:1080 › cli codegen › should not throw csp directive violation errors `@firefox-ubuntu-22.04-node20`
⚠️ [firefox-page] › page/page-emulate-media.spec.ts:144 › should keep reduced motion and color emulation after reload `@firefox-ubuntu-22.04-node20`
⚠️ [webkit-library] › library/screencast.spec.ts:75 › start reuses existing screencast when video recording is running `@webkit-ubuntu-22.04-node20`

38931 passed, 845 skipped

---

Merge workflow run.

[github-actions]

Test results for "MCP"

5549 passed, 340 skipped

---

Merge workflow run.