Audit spotlight: add unit tests and fix stash safety bug

[bborn]

Summary

• Audited the spotlight function — it's a valid feature for users whose projects can't run from worktree directories (docker mounts, IDE settings, CI tooling, etc.)
• Added 21 unit tests for the spotlight package covering: sync logic, start/stop lifecycle, stash backup/restore, path traversal protection, file permissions, deleted file handling, edge cases, and destructive operation safety
• Fixed a safety bug: Start() silently swallowed git stash push failures. If the stash failed but the main repo had uncommitted changes, Stop() would later run git checkout . + git clean -fd and destroy that work. Now Start() returns an error if stashing fails.
• Documented a known trade-off: Stop() uses git clean -fd which deletes ALL untracked files in the main repo, including ones the user may have created while spotlight was active (test documents this behavior)

Audit findings

Area	Status
Core sync logic	Solid — incremental copy, skips unchanged files, handles deletions
Path traversal protection	Present and correct
File permissions	Preserved during sync
Stash management	Fixed — was silently swallowing failures
git clean -fd in Stop()	Known trade-off — documented in tests
MCP integration	Well-tested (6 existing tests)
TUI integration	Keybindings work (f/F)
Unit test coverage	Added — was zero, now 21 tests

Test plan

• All 21 new spotlight unit tests pass
• All 6 existing MCP spotlight integration tests pass
• Full start → sync → stop lifecycle verified
• Stash backup and restore verified
• Destructive operation behavior documented

🤖 Generated with Claude Code