fix(security): remove MCP credentials from managed-settings.json; bump Trivy to 0.70.0

settings.json is COPY-ed into the image at build time. Putting MCP server
config with credential env references there risks baking tokens into the
image if placeholders are ever replaced with real values. Move MCP server
config to ~/.claude/settings.json (runtime volume mount) instead.
Managed settings now contains policy only: models, permissions, telemetry.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

claude/settings.json

@@ -6,36 +6,5 @@
     "env": {
       "CLAUDE_CODE_ENABLE_TELEMETRY": "0"
     }
-  },
-  "mcpServers": {
-    "github": {
-      "command": "mcp-server-github",
-      "env": {
-        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
-      }
-    },
-    "gitlab": {
-      "command": "gitlab-mcp-server",
-      "env": {
-        "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_TOKEN}",
-        "GITLAB_URL": "${GITLAB_URL}"
-      }
-    },
-    "jira": {
-      "command": "mcp-atlassian-jira",
-      "env": {
-        "ATLASSIAN_SITE_NAME": "${ATLASSIAN_SITE_NAME}",
-        "ATLASSIAN_USER_EMAIL": "${ATLASSIAN_USER_EMAIL}",
-        "ATLASSIAN_API_TOKEN": "${ATLASSIAN_API_TOKEN}"
-      }
-    },
-    "confluence": {
-      "command": "mcp-atlassian-confluence",
-      "env": {
-        "ATLASSIAN_SITE_NAME": "${ATLASSIAN_SITE_NAME}",
-        "ATLASSIAN_USER_EMAIL": "${ATLASSIAN_USER_EMAIL}",
-        "ATLASSIAN_API_TOKEN": "${ATLASSIAN_API_TOKEN}"
-      }
-    }
   }
 }