
fix(security): marketplace token scoping, WebUI/setup hardening, atom…#1

Merged: gioooton merged 1 commit into main from fix/security-race-marketplace-webui-pin on Mar 25, 2026

Conversation

@Vudi

@Vudi Vudi commented Mar 25, 2026

Collaborator

…ic PIN lockout

  • Market.app: remove global API token; pass token via ToolContext and createMarketAppAdapter(token) to prevent cross-user leakage under concurrency.
  • WebUI: drop ?token= auth for /api/*; avoid logging full exchange URL with secret.
  • Setup: require x-teleclaw-launch-nonce for /api/setup/launch; web fetches nonce first.
  • Wallet PIN: atomic failed_attempts increment + lockout via single UPDATE RETURNING.
  • Remove unsafe unused MemoryDatabase.asyncTransaction (await breaks transaction).
  • pretest: build SDK so @teleclaw-agent/sdk resolves for npm test.
  • Tests: marketapp token scope, security PIN flow.

Made-with: Cursor

Description

Brief description of the changes and their motivation.

Type of Change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update
  • Refactoring (no functional changes)

Checklist

  • I have read the Contributing Guide
  • My PR targets the dev branch (not main)
  • npm run typecheck passes
  • npm run lint passes
  • npm test passes
  • I have added tests for new functionality (if applicable)
  • I have updated documentation (if applicable)

Related Issues

Closes #(issue number)

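The atomic PIN lockout the PR describes, shown as an added illustration that is not the project's own code: the read-then-write pattern that loses increments under concurrency beside a single UPDATE ... RETURNING that increments and locks in one statement, on a constructed SQLite table. MAX_ATTEMPTS, LOCKOUT_SECONDS and the column names are assumptions.

```python
import sqlite3

MAX_ATTEMPTS = 5        # assumed policy; not stated in the PR
LOCKOUT_SECONDS = 300   # assumed policy; not stated in the PR

# Constructed schema standing in for the wallet PIN table.
SCHEMA = """CREATE TABLE wallet_pin (
    user_id TEXT PRIMARY KEY,
    failed_attempts INTEGER NOT NULL DEFAULT 0,
    locked_until INTEGER)"""


def new_db(user_id="alice"):
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.execute("INSERT INTO wallet_pin (user_id) VALUES (?)", (user_id,))
    conn.commit()
    return conn


def racy_two_failures(conn, user_id):
    """Read-then-write pattern. Two concurrent wrong-PIN requests can both read
    the same counter before either writes it back, so one increment is lost."""
    read = "SELECT failed_attempts FROM wallet_pin WHERE user_id = ?"
    seen_a = conn.execute(read, (user_id,)).fetchone()[0]
    seen_b = conn.execute(read, (user_id,)).fetchone()[0]   # interleaved request
    write = "UPDATE wallet_pin SET failed_attempts = ? WHERE user_id = ?"
    conn.execute(write, (seen_a + 1, user_id))
    conn.execute(write, (seen_b + 1, user_id))             # overwrites, not adds
    conn.commit()
    return conn.execute(read, (user_id,)).fetchone()[0]


def record_failed_attempt(conn, user_id, now):
    """Atomic version: one UPDATE ... RETURNING increments the counter and sets
    the lockout in the same statement, so no interleaving can lose a count.
    Returns (failed_attempts, locked_until), or None if already locked."""
    row = conn.execute(
        """UPDATE wallet_pin
           SET failed_attempts = failed_attempts + 1,
               locked_until = CASE WHEN failed_attempts + 1 >= ?
                                   THEN ? ELSE locked_until END
           WHERE user_id = ? AND (locked_until IS NULL OR locked_until <= ?)
           RETURNING failed_attempts, locked_until""",
        (MAX_ATTEMPTS, now + LOCKOUT_SECONDS, user_id, now),
    ).fetchone()
    conn.commit()
    return row
```

The racy variant ends with one failure recorded after two bad guesses; the atomic variant counts both and refuses to count further once locked_until is in the future.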

@gioooton gioooton left a comment

Collaborator


Solid security work. Token scoping fixes a real concurrency bug, atomic PIN lockout eliminates the race condition, WebUI hardening removes token-in-URL leaks, and the setup nonce is a nice touch. Tests included. Clean and well-scoped. ✅

@gioooton gioooton merged commit 4faab79 into main Mar 25, 2026
0 of 2 checks passed