fix: handle 403 api_forecasting_not_enabled in metaculus

[realfishsam]

Fixes #515

[realfishsam]

PR Review: PASS (NOT VERIFIED)

What This Does

Adds handling for Metaculus's api_forecasting_not_enabled 403 error, converting it into a PermissionDenied with an actionable message telling users to enable API forecasting in their Metaculus account settings.

Blast Radius

• Metaculus exchange: errors.ts only -- 8 lines added inside the existing 403 handler
• No normalizer, SDK, or OpenAPI changes

Findings

1. Correct placement -- the new check is inserted within the existing status === 403 block, before the generic PermissionDenied fallback. Order is correct: specific checks (authenticated, api_forecasting_not_enabled) before the catch-all.
2. String matching on lower -- uses lower.includes('api_forecasting_not_enabled') which is consistent with the existing pattern in the same block (e.g., lower.includes('authenticated')).
3. No test coverage -- there are no existing Metaculus error mapper tests in the test directory, so this is consistent with the current state, but a unit test for this specific 403 variant would be valuable.
4. Cannot verify the error string -- the exact error body Metaculus returns for this 403 case is not documented in any spec in the repo. The fix assumes the response body contains the literal string api_forecasting_not_enabled, which seems reasonable for an API error code but is unverified.

PMXT Pipeline Check

• Field propagation: N/A
• OpenAPI sync: N/A
• Type safety: OK

Semver Impact

patch -- improved error handling for an existing exchange, no API surface change

Risk

If Metaculus changes their error response format or the string api_forecasting_not_enabled does not appear in the response body, this handler will silently not match and fall through to the generic PermissionDenied -- which is safe but unhelpful.