fix(mcp): wire EmbeddingAnomalyGuard into McpManager/McpToolExecutor #2331

@bug-ops

Problem

EmbeddingAnomalyGuard is constructed and configured via [security.content_isolation.embedding_guard] but is never attached to McpManager or McpToolExecutor. Neither class exposes a with_embedding_guard() method.

This was deferred from PR #2330, which wired DefaultMcpProber and TrustScoreStore.

Expected

When embedding_guard.enabled = true, the guard should be spawned per MCP server and run background cosine-distance checks on tool outputs.

Fix

Add with_embedding_guard() (or equivalent) to McpManager or McpToolExecutor and wire it in crates/zeph-core/src/bootstrap/mcp.rs.

Priority

P2 — config key is user-visible and silently ignored post-#2330.
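
An added sketch, not part of the issue and not Zeph's code, of the behaviour the Expected section describes: one guard per MCP server that flags tool-output embeddings whose cosine distance from that server's baseline exceeds a threshold. The names Guards, ServerGuard and Verdict, the warm-up and threshold values, the constructed 2-d embeddings, and the synchronous (non-background) call are all assumptions; only the enabled toggle and the per-server cosine-distance check come from the issue.

```rust
use std::collections::HashMap;

/// Cosine distance 1 - cos(a, b); None when it cannot be measured.
fn cosine_distance(a: &[f32], b: &[f32]) -> Option<f32> {
    if a.len() != b.len() { return None; }
    let dot: f32 = a.iter().zip(b).map(|(x, y)| x * y).sum();
    let na = a.iter().map(|x| x * x).sum::<f32>().sqrt();
    let nb = b.iter().map(|x| x * x).sum::<f32>().sqrt();
    if na == 0.0 || nb == 0.0 { return None; }
    Some(1.0 - dot / (na * nb))
}

#[derive(Debug, PartialEq)]
enum Verdict { Learning, Normal, Anomalous }

/// Hypothetical per-server state: running centroid of accepted embeddings.
struct ServerGuard { centroid: Vec<f32>, seen: usize }

/// Hypothetical guard set, keyed by MCP server id (not Zeph's types).
struct Guards { enabled: bool, min_samples: usize, threshold: f32, per_server: HashMap<String, ServerGuard> }

impl Guards {
    /// None means the guard is disabled and nothing was checked.
    fn on_tool_output(&mut self, server: &str, emb: &[f32]) -> Option<Verdict> {
        if !self.enabled { return None; }
        let g = self.per_server.entry(server.to_string())
            .or_insert_with(|| ServerGuard { centroid: vec![0.0; emb.len()], seen: 0 });
        if g.seen >= self.min_samples {
            // Past warm-up: too far from baseline, or unmeasurable, fails closed.
            match cosine_distance(&g.centroid, emb) {
                Some(d) if d <= self.threshold => {}
                _ => return Some(Verdict::Anomalous),
            }
        }
        if g.centroid.len() != emb.len() { return Some(Verdict::Anomalous); }
        // Only accepted outputs move the baseline, so flagged ones cannot drift it.
        g.seen += 1;
        let n = g.seen as f32;
        for (c, x) in g.centroid.iter_mut().zip(emb) { *c += (x - *c) / n; }
        Some(if g.seen > self.min_samples { Verdict::Normal } else { Verdict::Learning })
    }
}

fn main() {
    let mut g = Guards { enabled: true, min_samples: 3, threshold: 0.5, per_server: HashMap::new() };
    // Constructed 2-d embeddings for a made-up server id "srv-a".
    let samples: [[f32; 2]; 5] = [[1.0, 0.0], [1.0, 0.0], [1.0, 0.0], [0.9, 0.1], [0.0, 1.0]];
    for e in samples { println!("{:?}", g.on_tool_output("srv-a", &e)); }
}
```

Returning None when the guard is disabled keeps "not checked" distinguishable from "checked and normal", which is the distinction a silently ignored config key erases.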

Labels: P2 (High value, medium complexity); bug (Something isn't working)
