fix: safe Codex config sync — merge AGENTS.md + add-only MCP servers (#723)

* fix: replace bash TOML surgery with Node add-only MCP merge

The old sync script used awk/sed to remove and re-append MCP server
sections in config.toml, causing credential extraction races, duplicate
TOML tables, and 3 fragile code paths with 9 remove_section_inplace
calls each.

Replace with a Node script (scripts/codex/merge-mcp-config.js) that
uses @iarna/toml to parse the config, then appends only missing ECC
servers — preserving all existing content byte-for-byte. Warns on
config drift, supports legacy aliases (context7 → context7-mcp), and
adds --update-mcp flag for explicit refresh.

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

* fix: address PR #723 review findings for Codex MCP merge

- Use package-manager abstraction (scripts/lib/package-manager.js)
  instead of hardcoding pnpm — respects CLAUDE_PACKAGE_MANAGER,
  lock files, and project config
- Add Yarn 1.x fallback to npx (yarn dlx unsupported in classic)
- Add missing exa server to match .codex/config.toml baseline
- Wire up findSubSections for --update-mcp nested subtable removal
  (fixes Greptile P1: Object.keys only returned top-level keys)
- Fix resolvedLabel to prefer canonical entry over legacy alias
  when both exist (fixes context7/context7-mcp spurious warning)
- Fix removeSectionFromText to handle inline TOML comments
- Fix dry-run + --update-mcp to show removals before early return
- Update README parity table: 4 → 7 servers, TOML-parser-based
- Add non-npm install variants to README Codex quick start
- Update package-lock.json for @iarna/toml

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

* fix: address PR #723 review comments (preflight, marker validation)

- Add Node.js and merge-mcp-config.js to preflight checks so the
  script fails fast before partial writes (CodeRabbit)
- Validate marker counts: require exactly 1 BEGIN + 1 END in correct
  order for clean replacement (CodeRabbit)
- Corrupted markers: strip all marker lines and re-append fresh block,
  preserving user content outside markers instead of overwriting
- Move MCP_MERGE_SCRIPT to preflight section, remove duplicate

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>

package.json

@@ -80,6 +80,7 @@
     "scripts/orchestrate-worktrees.js",
     "scripts/setup-package-manager.js",
     "scripts/skill-create-output.js",
+    "scripts/codex/merge-mcp-config.js",
     "scripts/repair.js",
     "scripts/harness-audit.js",
     "scripts/session-inspect.js",
@@ -108,6 +109,7 @@
     "coverage": "c8 --all --include=\"scripts/**/*.js\" --check-coverage --lines 80 --functions 80 --branches 80 --statements 80 --reporter=text --reporter=lcov node tests/run-all.js"
   },
   "dependencies": {
+    "@iarna/toml": "^2.2.5",
     "sql.js": "^1.14.1"
   },
   "devDependencies": {