fix(mcp): make session-marker symlink resistance work on Windows (#337)
O_NOFOLLOW is undefined on Windows (libuv ignores it), so the bitwise-OR silently dropped it and markSessionConsulted would follow a pre-planted symlink at the tmp marker path — the CWE-59 gap #280 closed on POSIX but not Windows. Add a cross-platform lstatSync isSymbolicLink() refuse-check before openSync (O_NOFOLLOW stays as the atomic, TOCTOU-free guard on POSIX). The existing Session-marker-symlink-resistance test now passes on Windows.

Refs #280
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Colby Mchenry committed
6f4b52151202fe04a086bd999b6d6239f72fe33b
Parent: 02ea482
Committed by GitHub <noreply@github.com>
on 5/22/2026, 7:23:10 PM
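The check the commit message describes, sketched as an added Node.js example; it is not the project's code. The names `orFlags`, `writeMarker` and `demo`, the `ESYMLINK` error code and the file names are hypothetical, and the symlink scenario is constructed in a fresh temp directory.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// The silent drop: bitwise OR coerces undefined to 0, so a missing
// constant removes the guard without raising any error.
function orFlags(base, maybeFlag) {
  return base | maybeFlag;
}

// Refuse a symlink at the marker path (works on every platform), then open
// with O_NOFOLLOW where the constant exists. The lstat check alone is not
// atomic; O_NOFOLLOW remains the race-free guard where it is defined.
function writeMarker(markerPath, data) {
  const st = fs.lstatSync(markerPath, { throwIfNoEntry: false });
  if (st && st.isSymbolicLink()) {
    const err = new Error(`refusing symlink at ${markerPath}`);
    err.code = 'ESYMLINK'; // constructed code for this example
    throw err;
  }
  const { O_WRONLY, O_CREAT, O_TRUNC } = fs.constants;
  const noFollow = fs.constants.O_NOFOLLOW ?? 0; // undefined on Windows
  const fd = fs.openSync(markerPath, O_WRONLY | O_CREAT | O_TRUNC | noFollow, 0o600);
  try {
    fs.writeSync(fd, data);
  } finally {
    fs.closeSync(fd);
  }
}

// Constructed scenario: a symlink already sits at the marker path and points
// at another file. The write must be refused and that file left untouched.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'marker-demo-'));
  const victim = path.join(dir, 'victim.txt');
  const marker = path.join(dir, 'session.marker');
  fs.writeFileSync(victim, 'original');
  fs.symlinkSync(victim, marker);
  let refused = false;
  try { writeMarker(marker, 'consulted'); } catch (e) { refused = e.code === 'ESYMLINK'; }
  const victimContent = fs.readFileSync(victim, 'utf8');
  fs.unlinkSync(marker);
  writeMarker(marker, 'consulted'); // no symlink present: created normally
  const markerContent = fs.readFileSync(marker, 'utf8');
  fs.rmSync(dir, { recursive: true, force: true });
  return { refused, victimContent, markerContent };
}
```

Calling `demo()` returns whether the symlinked path was refused, the content of the file it pointed at, and the content of the marker written once the symlink was removed.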