feat(mcp): mint-token CLI + get_card / delete_comment tools + executeToolAs(actor)

Net-new capabilities recovered from the WIP stash that the notif merge did not bring in:

- mint-token CLI subcommand: 'kanban mint-token --user <id> --name <pc>' generates a bearer token
  for configuring Claude Code or other MCP HTTP clients without touching the UI.
- executeToolAs(db, name, input, actor): actor-aware variant of executeTool. The HTTP /mcp
  dispatcher passes the user_id resolved from the bearer token; per-user tools (add_comment,
  delete_comment) use it as the author without the caller being able to forge it.
- get_card tool: lookup by id or seq_num. Returns the complete Card.
- delete_comment tool: deletes a card_message; only the original author (validated in DB).

executeTool() remains the legacy wrapper without an actor for chat WS.
egutierrez
2026-05-28 09:36:48 +02:00
parent 084defe014
commit 65771ebb12
5 changed files with 162 additions and 15 deletions
+4 -3
@@ -13,8 +13,8 @@ import (
// mcpHTTPHandler builds the http.Handler that serves the MCP Streamable HTTP
// transport for remote Claude clients. Bearer-auth backed by the mcp_tokens
// table; tool dispatch reuses executeTool() — the same set of operations the
// chat assistant uses internally.
// table; tool dispatch reuses executeToolAs() so per-user tools (add_comment,
// delete_comment) can infer the actor from the authenticated token.
func mcpHTTPHandler(db *DB) http.Handler {
auth := func(r *http.Request) (context.Context, error) {
header := r.Header.Get("Authorization")
@@ -37,7 +37,8 @@ func mcpHTTPHandler(db *DB) http.Handler {
if len(body) == 0 {
body = json.RawMessage(`{}`)
}
res := executeTool(db, name, body)
actor, _ := infra.UserIDFromContext(ctx, userCtxKey)
res := executeToolAs(db, name, body, actor)
if !res.OK {
return res.Error, true, nil
}
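Review bot: The second return value of infra.UserIDFromContext is discarded in `actor, _ := infra.UserIDFromContext(ctx, userCtxKey)`, so a context without a user id still reaches executeToolAs with a zero-value actor. Because the per-user tools (add_comment, delete_comment) take this value as the author, check the second return value here and return an error before dispatch rather than passing an empty actor through. That keeps the handler failing closed regardless of how each tool treats a missing actor.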