[Security] validateOutputPath symlink bypass — screenshots/PDFs can write outside safe dirs #665

@mr-k-man

Summary

validateOutputPath() in browse/src/meta-commands.ts:20 uses path.resolve() but never fs.realpathSync() to resolve symlinks. Unlike validateReadPath() (fixed in #595), a symlink placed under /tmp or cwd can redirect screenshot/PDF/responsive writes to arbitrary files.

Reproduction

ln -s /etc/crontab /tmp/evil.png
$B screenshot /tmp/evil.png   # overwrites /etc/crontab

Root cause

validateReadPath was hardened with realpathSync in #595 (security audit remediation), but validateOutputPath was missed. The two functions have identical intent but divergent implementations.

Fix

PR #664 adds realpathSync to validateOutputPath, matching the validateReadPath pattern, including symlink resolution on the safe directories themselves (macOS: /tmp -> /private/tmp).

Found via sqry AST-based semantic code graph analysis.
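The check described in this report, worked through as an added example (this is not the project's code from browse/src/meta-commands.ts, and the function names, the safe-directory parameter and the temporary directory layout are assumptions): a lexical validator built on path.resolve alone is placed beside one that resolves symlinks with realpathSync. Because an output file usually does not exist yet, the hardened version resolves the deepest existing ancestor and re-appends the remaining components, so a symlinked directory on the way to a new file is caught as well as a symlinked file name.

```typescript
// Added example, not the project's own code. Names and layout are assumptions.
import * as fs from "fs";
import * as os from "os";
import * as path from "path";

// Containment test that is not fooled by "/tmp" vs "/tmpfoo" prefix matching.
function isInside(dir: string, candidate: string): boolean {
  const rel = path.relative(dir, candidate);
  if (rel === "") return true;
  return !path.isAbsolute(rel) && rel.split(path.sep)[0] !== "..";
}

// Vulnerable pattern: path.resolve normalises text only and never consults the
// filesystem, so a symlink that lives under a safe directory passes the check.
export function validateOutputPathLexical(target: string, safeDirs: string[]): string {
  const resolved = path.resolve(target);
  if (!safeDirs.some((d) => isInside(path.resolve(d), resolved))) {
    throw new Error(`refusing to write outside safe directories: ${target}`);
  }
  return resolved;
}

// lstat does not follow symlinks, so a dangling link still counts as present
// and realpathSync on it throws, which makes the validator fail closed.
function existsNoFollow(p: string): boolean {
  try { fs.lstatSync(p); return true; } catch (_e) { return false; }
}

// realpath of a path that may not exist yet: resolve the deepest existing
// ancestor, then re-append the components that still have to be created.
export function realpathOfPending(p: string): string {
  let cur = path.resolve(p);
  const pending: string[] = [];
  while (!existsNoFollow(cur)) {
    pending.unshift(path.basename(cur));
    const parent = path.dirname(cur);
    if (parent === cur) break; // reached the filesystem root
    cur = parent;
  }
  return path.join(fs.realpathSync(cur), ...pending);
}

// Hardened pattern: both the candidate and the safe directories are resolved
// through the filesystem (macOS /tmp is itself a symlink to /private/tmp).
export function validateOutputPathReal(target: string, safeDirs: string[]): string {
  const real = realpathOfPending(target);
  const realSafe = safeDirs.map((d) => fs.realpathSync(d));
  if (!realSafe.some((d) => isInside(d, real))) {
    throw new Error(`refusing to write outside safe directories: ${target}`);
  }
  return real;
}

function rejects(fn: () => unknown): boolean {
  try { fn(); return false; } catch (_e) { return true; }
}

// Builds a constructed layout modelled on the report inside a throwaway
// directory: a "safe" dir holding a symlinked file and a symlinked directory
// that both point outside it. Returns what each validator decides.
export function demo(): {
  lexicalAllowsFileLink: boolean;
  realRejectsFileLink: boolean;
  realRejectsDirLink: boolean;
  realAllowsPlain: boolean;
} {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "outpath-"));
  const safe = path.join(root, "safe");
  const outside = path.join(root, "outside");
  fs.mkdirSync(safe);
  fs.mkdirSync(outside);
  const victim = path.join(outside, "victim.txt"); // stand-in for a system file
  fs.writeFileSync(victim, "original\n");
  const fileLink = path.join(safe, "evil.png");
  fs.symlinkSync(victim, fileLink);
  const dirLink = path.join(safe, "sub");
  fs.symlinkSync(outside, dirLink);
  const plain = path.join(safe, "shot.png"); // does not exist yet
  try {
    return {
      lexicalAllowsFileLink: !rejects(() => validateOutputPathLexical(fileLink, [safe])),
      realRejectsFileLink: rejects(() => validateOutputPathReal(fileLink, [safe])),
      realRejectsDirLink: rejects(() => validateOutputPathReal(path.join(dirLink, "new.png"), [safe])),
      realAllowsPlain: validateOutputPathReal(plain, [safe]) === path.join(fs.realpathSync(safe), "shot.png"),
    };
  } finally {
    fs.rmSync(root, { recursive: true, force: true });
  }
}
```

The validation and the later write are separate system calls, so a symlink created between them is not covered by this check alone; opening the output with a flag that refuses to follow a symlink at the final component (O_NOFOLLOW) closes that window, which is a mitigation beyond what the report itself proposes.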
