Disable Security/Eval for code snippet wrappers

`README.md` code snippets often reference or define local variables,
requiring us to resort to `eval` to set/read them. All the code being
`eval`'d is version controlled though, so this should be safe.

Author: sambostock

.rubocop.yml

@@ -4,3 +4,7 @@ inherit_gem:
 plugins:
   - rubocop-minitest
   - rubocop-rake
+
+Security/Eval:
+  Exclude:
+    - test/fixtures/files/code_snippet_wrappers/**/*.rb # We must often resort to eval to access local variable

test/fixtures/files/code_snippet_wrappers/readme/instrumentation_callback.rb

@@ -3,7 +3,7 @@
 require "mcp"
 
 MCP.configure do |config|
-  eval(File.read("code_snippet.rb"), binding) # rubocop:disable Security/Eval -- We need to run the snippet in this context to pass the config
+  eval(File.read("code_snippet.rb"), binding)
 
   config.instrumentation_callback.call({ example: "data" })
 end

test/fixtures/files/code_snippet_wrappers/readme/per_server_configuration.rb

@@ -26,7 +26,7 @@ def notify(exception)
 end
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to run the snippet in this context
+eval(File.read("code_snippet.rb"), b)
 server = b.local_variable_get(:server)
 
 server.define_tool(name: "error_tool") { raise "boom" }

test/fixtures/files/code_snippet_wrappers/readme/prompt_class_definition.rb

@@ -5,7 +5,7 @@
 require_relative "code_snippet"
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to run the snippet in this context to extract the prompt
+eval(File.read("code_snippet.rb"), b)
 prompt = b.local_variable_get(:prompt)
 
 server = MCP::Server.new(prompts: [prompt])

test/fixtures/files/code_snippet_wrappers/readme/prompts_usage.rb

@@ -28,7 +28,7 @@
 def current_user.id = 123
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to run the snippet in this context
+eval(File.read("code_snippet.rb"), b)
 server = b.local_variable_get(:server)
 
 puts server.handle_json({

test/fixtures/files/code_snippet_wrappers/readme/resources.rb

@@ -3,7 +3,7 @@
 require "mcp"
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to be able to extract the server local variable
+eval(File.read("code_snippet.rb"), b)
 server = b.local_variable_get(:server)
 
 puts server.handle_json({ jsonrpc: "2.0", id: "1", method: "resources/list" }.to_json)

test/fixtures/files/code_snippet_wrappers/readme/resources_read_handler.rb

@@ -5,7 +5,7 @@
 server = MCP::Server.new
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need the snippet to have access to the server variable
+eval(File.read("code_snippet.rb"), b)
 
 puts server.handle_json({
   jsonrpc: "2.0",

test/fixtures/files/code_snippet_wrappers/readme/server_context.rb

@@ -9,9 +9,7 @@ def current_user.id = 123
 def request.uuid = "...uuid..."
 
 b = binding
-
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to run the snippet in this context to extract the server
-
+eval(File.read("code_snippet.rb"), b)
 server = b.local_variable_get(:server)
 
 puts server.server_context.to_json

test/fixtures/files/code_snippet_wrappers/readme/tool_class_definition.rb

@@ -5,7 +5,7 @@
 require_relative "code_snippet"
 
 b = binding
-eval(File.read("code_snippet.rb"), b) # rubocop:disable Security/Eval -- We need to run the snippet in this context to extract the tool
+eval(File.read("code_snippet.rb"), b)
 tool = b.local_variable_get(:tool)
 
 puts MCP::Server.new(tools: [tool]).handle_json(