tech-debt: Add resolver-backed compile_messages_file for CLI messages-mode symlink parity

[dean0x]

Problem

CLI messages-mode file reads lack full parity with markdown mode:

• Markdown mode (read_build_input): reads the entry file through the resolver's NativeFs::read, which opens with O_NOFOLLOW (symlink protection)
• Messages mode (read_build_input): enforces MAX_FILE_SIZE (fixed in PR feat: structured JSON output via @message blocks and compileMessages() (#56) #87) but still reads via std::fs::read, which follows symlinks

Messages mode is missing the O_NOFOLLOW defense-in-depth protection.

Root Cause

The symlink guard is baked into the resolver's file-open layer. Messages mode calls std::fs::read() directly, bypassing that protection.

Suggested Fix

Add compile_messages_file() and compile_messages_file_with_deps() entry points to mds-core that route through the resolver, giving messages-mode input both:

• Size cap enforcement (MAX_FILE_SIZE)
• Symlink protection (O_NOFOLLOW)

Then switch CLI messages-mode to use the new resolver-backed paths.

Acceptance Criteria

• New compile_messages_file* functions added to mds-core public API
• CLI messages-mode switches to resolver-backed path
• CLI integration tests verify symlink rejection (e.g., --format messages input-symlink.mds fails)
• All existing tests pass
• cargo clippy — 0 warnings

Notes

This is an API addition to mds-core, out of scope for the contained CLI fix made in PR #87. Deferred as a separate feature.

Related: PR #87 (commit 532ac03 — MAX_FILE_SIZE enforcement), sub-issue of I11 (symlink parity)