Fix: Allow --trust-tools to work on MCP servers

[swapneils]

Issue #, if available:

Currently if you call --trust-tools with tools that will be vended by MCP servers, the configuration doesn't take effect.

Reproduction steps:

1. Run q chat --trust-tools=<tool> (e.g. clear_thought___sequentialthinking)
2. Wait for the MCP server to start up
3. Run /tools to check trust status
4. Validate the (incorrectly untrusted) trust status by asking Q to run the tool for some trivial purpose.

Description of changes:

This PR modifies the ToolPermissions implementation to track tools from the --trust-tools config that don't exist yet, and triggers adding them to permissions when they're available. It also configures untrust_tool to modify this pending config as well as permissions, to avoid edge-cases where a tool can't be untrusted due to being in the pending list.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: Any opinions or communications in this pull request are entirely my own, and do not reflect those of AWS or its other employees.

[swapneils]

Seeing build failures, but the error messages seem to be mostly on dependency packages I didn't touch?
Not sure what action to take on those.