fix(frontend): remove infinite localStorage caching of mcp_token to prevent unauthorized lockout

vibn-frontend/components/vibn-chat/chat-panel.tsx

@@ -924,25 +924,16 @@ export function ChatPanel({
     );
   }, [open, structural]);
 
-  // Load MCP token — prefer localStorage cache, fetch from API if missing.
-  // We use /api/workspaces (not the URL param) because the URL slug
-  // (e.g. "mark-account") differs from the actual workspace slug ("mark").
+  // Load MCP token — fetch fresh from API on mount to avoid stale, revoked tokens.
   useEffect(() => {
     if (!workspace || status !== "authenticated") return;
-    const cached = localStorage.getItem(`vibn-mcp-token-${workspace}`);
-    if (cached) {
-      setMcpToken(cached);
-      return;
-    }
     fetch("/api/workspaces?include_default_token=true")
       .then((r) => (r.ok ? r.json() : null))
       .then((d) => {
         if (d?.defaultToken) {
-          localStorage.setItem(`vibn-mcp-token-${workspace}`, d.defaultToken);
           setMcpToken(d.defaultToken);
         }
-      })
-      .catch(() => {});
+      });
   }, [workspace, status]);
 
   // Load threads (scoped to the current project when one is in the URL).