feat: enhance repository security with comprehensive .gitignore rules (#13)

- Add protection for local MCP configurations (.mcp.json) that may contain API keys
- Ignore Claude Code settings directory (.claude/)
- Exclude test output directories and temporary files
- Prevent accidental commits of development artifacts and cache files
- Improve repository security and reduce bloat from untracked files

Security improvements:
- Block sensitive configuration files with potential credentials
- Exclude local development tool configurations
- Ignore test outputs and cache files that shouldn't be versioned

Author: yibeichan

.gitignore

@@ -170,3 +170,18 @@ selected_activities.json
 
 # Development helper scripts
 run_in_env.sh
+
+# Local MCP and tool configurations
+.mcp.json
+.autorc
+.serena/
+.claude/
+
+# Test outputs and temporary files
+test-qa-output/
+test-workflow.yml
+validate_yaml.py
+**/Final*Validation*Test*/
+
+# Additional cache patterns
+.ui_checksum_cache