Adds a regression suite asserting that the read-only Prisma proxy is
still in effect after a tool's executor forwards ctx.db into a scoped
tRPC caller (helpers.ts::createScopedCallerContext). Covers all three
attack surfaces: model writes, raw-SQL escape hatches, and interactive
$transaction / $runCommandRaw calls.
These tests pin the behaviour enforced by 1ff5c33; any future refactor
that unwraps the proxy during forwarding will fail this suite.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Hartmut
b9040cb328