fix(ci): verify mcp-publisher tarball SHA-256 before extracting

Previous install step piped curl output straight to tar — any compromise of
the release URL (CDN, account, MITM) would have executed arbitrary code
with OIDC write access. Now: download to file, verify SHA-256 against
pinned digest, then extract. Workflow aborts on mismatch.

Pinned to mcp-publisher v1.3.3 linux_amd64 (digest cross-checked against
the official registry_1.3.3_checksums.txt file).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Author: SavioBS629

.github/workflows/mcp-registry-publish.yml

@@ -31,8 +31,18 @@ jobs:
         run: npm run build --if-present
 
       - name: Install MCP Publisher
+        # Pinned to v1.3.3 linux_amd64. To upgrade: bump VERSION and SHA256
+        # (capture via: shasum -a 256 mcp-publisher_linux_amd64.tar.gz, or use
+        # registry_<ver>_checksums.txt from the release).
+        env:
+          VERSION: v1.3.3
+          SHA256: 1113b9d6bf59b000966c4f17752cf87b51db03dcc5482721421fd843ce3bf048
         run: |
-          curl -L "https://github.com/modelcontextprotocol/registry/releases/download/v1.3.3/mcp-publisher_$(uname -s | tr '[:upper:]' '[:lower:]')_$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/').tar.gz" | tar xz mcp-publisher
+          curl -fsSL -o mcp-publisher.tar.gz \
+            "https://github.com/modelcontextprotocol/registry/releases/download/${VERSION}/mcp-publisher_linux_amd64.tar.gz"
+          echo "${SHA256}  mcp-publisher.tar.gz" | sha256sum -c -
+          tar xzf mcp-publisher.tar.gz mcp-publisher
+          rm mcp-publisher.tar.gz
     
       - name: Login to MCP Registry
         run: ./mcp-publisher login github-oidc