docs: clarify MCP tool policies and name sanitization

- Explicitly document the requirement for qualified names (server__tool) or mcpName field for MCP tool allowlisting.
- Explain the security boundary preventing built-in tool rules from matching MCP tools.
- Document the 'Underscore Rule' for name sanitization (e.g., spaces to underscores).

docs/tools/mcp-server.md

@@ -559,6 +559,9 @@ Upon successful connection:
      with underscores
    - Names longer than 63 characters are truncated with middle replacement
      (`___`)
+   - See
+     [Name sanitization](/docs/reference/policy-engine.md#name-sanitization-the-underscore-rule)
+     in the policy engine reference for more details.
 
 ### 3. Conflict resolution