Post-merge multi-model code review on PR #556 identified 10 findings (2 critical, 4 major, 4 minor). This issue tracks fixes for the actionable items:

• MongoDB aggregate $function/$accumulator bypass via nesting (security)
• PlanExitTool consent bypass on dismissed dialog
• Plan revision counter double-counting on internal loop iterations
• Approval detection false positives (word boundaries + negation)
• SQL suggestions shown for MongoDB warehouses
• MCP safeDetail not handling string commands
• Dead code cleanup (BSON serialization, hasWrite)
• Markdown lint fix, test improvement

Original review: #556 (comment)