fix(create-expert): add pick to internal experts for minimal privilege

[FL4TLiN3]

Summary

Add pick lists to all 8 internal PBT framework experts to follow the minimal privilege principle.

Changes

Expert	Pick List
create-expert	["attemptCompletion"]
property-extractor	["attemptCompletion"]
ecosystem-builder	["readTextFile", "appendTextFile", "attemptCompletion"]
integration-manager	["attemptCompletion"]
functional-manager	["attemptCompletion"]
usability-manager	["attemptCompletion"]
expert-tester	["exec", "attemptCompletion"]
report-generator	["attemptCompletion"]

Rationale

Per docs/making-experts/skills.md:

Use pick/omit to control which tools are available

Most experts only need attemptCompletion because they orchestrate via delegation.

• ecosystem-builder needs file access to read/append to perstack.toml
• expert-tester needs exec to run perstack commands

Test plan

• CI passes
• Generated experts have correct pick lists

Closes #350

🤖 Generated with Claude Code

---

Note

Implements least-privilege tool access for internal PBT experts.

• Updates apps/create-expert/src/lib/create-expert-toml.ts to add pick lists per expert: most use "attemptCompletion" only; ecosystem-builder adds "readTextFile" and "appendTextFile"; expert-tester adds "exec".
• Adds .changeset/add-pick-to-experts.md to publish the patch and document the exact pick sets.

^{Written by Cursor Bugbot for commit 18e71db. This will update automatically on new commits. Configure here.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[cursor]

Ecosystem-builder pick list mismatches its instruction

The ecosystem-builder instruction explicitly states "Use editTextFile to APPEND the Expert ecosystem" and "Do NOT use writeTextFile", but the pick list provides appendTextFile instead of editTextFile. The expert won't have access to the tool its own instructions tell it to use, causing it to fail when attempting to add experts to perstack.toml.