analyze/upload vía /api/image-bytes + MCP HTTP (vscode) forzado a test

Imágenes:
- analyze_image y upload resuelven los bytes por el endpoint Python
  /api/image-bytes (pythonGetBinary). analyze_image enruta los dominios
  forge (env ACAI_FORGE_DOMAIN) al endpoint en vez de fetch directo (que
  daba ECONNREFUSED 127.0.0.1 dentro del container).

Aislamiento de entorno (vscode = solo test):
- resolveCurrentModeOverride(): sesión MCP HTTP (mcpSessionId presente) →
  "local"; stdio (chat/cron) → ACAI_MODE_OVERRIDE de entorno. Lo usan los
  builders de headers (pythonServerClient, files/helpers) → toda tool del
  MCP HTTP manda X-Acai-Mode: local.
- httpServer.resolveProjectCredentials fuerza forceMode:"local" al resolver
  project-info → la sesión obtiene web_url/api_web_url forge-local y opera
  siempre contra test, nunca producción.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

mcp-server/tools/files/helpers.js

@@ -3,7 +3,7 @@ import path from "path";
 import { LOCAL_SERVER_URL, getLocalServerHeaders } from "../../config/index.js";
 import { getCurrentSessionId } from "../../utils/sessionContext.js";
 import { getMcpSessionCredentials } from "../../auth/credentials.js";
-import { resolveCurrentAcaiUser } from "../helpers/sessionHelpers.js";
+import { resolveCurrentAcaiUser, resolveCurrentModeOverride } from "../helpers/sessionHelpers.js";
 
 /**
  * Resuelve `project_dir` para la tool en curso.
@@ -38,7 +38,7 @@ export function getCurrentProjectInfo() {
 export async function callLocalFileEndpoint(method, endpoint, payload = null, query = null) {
     const headers = getLocalServerHeaders();
     const authHeader = process.env.ACAI_AUTH_HEADER || "";
-    const mode = process.env.ACAI_MODE_OVERRIDE || process.env.ACAI_MODE || "";
+    const mode = resolveCurrentModeOverride();
     const role = process.env.ACAI_ROLE_OVERRIDE || "";
 
     if (authHeader) headers["Authorization"] = authHeader;