Fail closed in strict mode on unknown toolset names

[davidahmann]

Problem

Unknown toolset names in config can silently fall back to defaults, weakening explicit permission boundaries.

Why now

Tool exposure must be deterministic and fail-closed in strict environments.

Current behavior is insufficient

Typos or unknown toolsets are not always treated as hard configuration errors under strict policy expectations.

Expected behavior

Add strict mode to fail startup/config validation on unknown toolset names.

Acceptance / Validation

• Strict mode rejects unknown toolsets with deterministic validation errors.
• Tests cover known toolsets (pass) and unknown toolsets (fail).
• Docs explain strict-mode behavior and migration path.

Evidence packet

• Commit under test: bf64678 (origin/main)
• Runtime environment: macOS arm64, Go 1.25.7
• Minimal repro:
  1. Configure server with unknown toolset in config.
  2. Start in strict mode.
• Expected: startup fails with clear unknown-toolset error.
• Actual: fallback behavior can allow silent misconfiguration.

Likely codepaths

pkg/tooldiscovery, cmd/github-mcp-server, docs/toolsets-and-icons.md.