feat: trace/ virtual dir — transitive call path traversal

[jamestexas]

Problem

callers/ and callees/ show direct (1-hop) relationships. For understanding data flow, security impact, or debugging, you often need the full transitive call chain: "who eventually calls this?" or "what does this function transitively depend on?"

Proposed solution

A trace/ virtual directory on construct nodes that performs depth-limited BFS:

pkg/functions/Validate/
  source
  callers/          # direct callers (existing)
  callees/          # direct callees (existing)
  trace/
    callers/        # transitive callers (BFS up to depth N)
      depth-1/
        HandleRequest → ...
      depth-2/
        main → ...
    callees/        # transitive callees (BFS down)
      depth-1/
        sanitize → ...
        db.Query → ...

Design considerations

• Depth limit: Default 5, configurable. Prevents explosion on highly-connected nodes.
• Self-gating: Like callers/callees, only appears when there are results.
• Cycle detection: BFS with visited set to handle recursive call graphs.
• Risk annotation: Optionally classify nodes as CRITICAL/HIGH/MEDIUM/LOW based on fan-out or depth (future enhancement).

Prior art

codebase-memory-mcp implements trace_call_path with BFS up to depth 5 and risk classification. Mache's filesystem projection would make the trace browsable with standard tools.

Context

GetCallers() and GetCallees() already exist on the Graph interface. The trace is a transitive closure over these — conceptually straightforward, the main question is the filesystem projection format.