feat: Implement Domain-Based Access Control (#70)

[Hillzo]

closes #70
Summary of changes:

AccessControl Service: Introduced src/services/access-control.ts — a zero-dependency service that validates outbound HTTP destinations against an operator-defined allowlist of hostnames and IPv4 CIDR ranges.
Guards Applied: assertAllowed(url) is called inside getHorizonUrl() and getRpcUrl() before any HTTP connection is opened, covering all Horizon and Soroban RPC calls.
Operator Opt-In Model: If neither ALLOWED_DOMAINS nor ALLOWED_IP_RANGES is set, the server operates in permissive mode (backward compatible). Once any entry is configured, only matching destinations are permitted.
Configuration: Two new env vars — ALLOWED_DOMAINS (comma-separated hostnames) and ALLOWED_IP_RANGES (comma-separated IPv4 CIDRs) — documented in .env.example with the full list of all 6 built-in Stellar network endpoints.
Documentation: README.md updated under Security Considerations and Roadmap.
Reason for the changes: Pulsar is a stdio MCP server with no inbound network surface. The attack vector this addresses is SSRF via custom network configuration — an attacker who controls HORIZON_URL or SOROBAN_RPC_URL could point Pulsar at internal infrastructure (e.g., cloud metadata endpoints). The access control layer closes this gap.

[drips-wave]

@Hillzo Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

[adams813]

Nice Implementation, LGTM!