#13577: fix(onboard): validate workspace directory before setup steps

Fixes #13330 ## Problem The onboarding wizard collects the workspace path early (line 344-353) but doesn't actually create the workspace directory until line 454 — **after** auth setup, model selection, gateway configuration, and channel setup. If the directory is not writable (EACCES), all that interactive configuration work is wasted. ## Solution Move `ensureWorkspaceAndSessions()` to right after workspace path resolution, wrapped in try-catch that: - Shows a clear error message identifying the unwritable directory - Exits gracefully with `runtime.exit(1)` before any other setup steps This validates permissions **before** the user invests time in auth/model/gateway/channel prompts. ## Test plan - [x] New test: "validates workspace before writing config or setting up channels" — mocks EACCES, asserts `writeConfigFile` and `setupChannels` were NOT called - [x] New test: "shows workspace error message when directory is not writable" — asserts `prompter.outro` contains workspace-related message - [x] Both tests fail before fix, pass after (TDD) - [x] All 5 existing tests still pass (7 total) - [x] `pnpm build && pnpm check` clean <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> Moves workspace directory validation to happen immediately after path resolution, preventing wasted user effort on auth/model/gateway setup when the directory isn't writable. The fix wraps `ensureWorkspaceAndSessions()` in a try-catch that specifically handles permission errors (`EACCES`/`EPERM`) with a clear error message, while re-throwing other errors for normal handling. - Validation now occurs at onboarding.ts:355-370, before any interactive prompts - Permission errors (`EACCES`/`EPERM`) show a clear message and exit gracefully - Non-permission errors (e.g., `ENOENT`) are re-thrown and handled normally - Three new tests verify the fix: validates workspace before config/channels, shows error message, and re-throws non-permission errors - All existing tests pass (7 total) - Addresses issue #13330 effectively <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with no concerns - The fix is clean, focused, and well-tested with proper TDD approach (tests written first, failing before fix, passing after). The error handling specifically targets permission errors while preserving existing behavior for other error types. All three new tests comprehensively cover the validation flow, error messaging, and error re-throwing. Previous review concerns have been addressed in commit 6117d6e - No files require special attention <!-- greptile_other_comments_section --> <!-- /greptile_comment -->