fix: handle ENAMETOOLONG gracefully during path resolution

This fix was recovered from a timed-out bot run. It addresses issue #26979
where the CLI would crash if a user provided an extremely long path string
in an @ command (e.g. @/aaa...a).

Changes:
- Updated 'robustRealpath' in 'packages/core/src/utils/paths.ts' to catch
  and gracefully handle 'ENAMETOOLONG' and 'EINVAL' errors from fs.realpathSync
  and fs.lstatSync.
- Added a defensive try-catch block to 'checkPermissions' in
  'packages/cli/src/ui/hooks/atCommandProcessor.ts' to prevent long path
  strings from crashing the CLI during @ command parsing.
- Added regression unit tests to verify the fix.

packages/cli/src/ui/hooks/atCommandProcessor.test.ts

@@ -17,6 +17,7 @@ import {
   handleAtCommand,
   escapeAtSymbols,
   unescapeLiteralAt,
+  checkPermissions,
 } from './atCommandProcessor.js';
 import {
   FileDiscoveryService,
@@ -1539,4 +1540,23 @@ describe('unescapeLiteralAt', () => {
     const input = 'user@example.com and @scope/pkg';
     expect(unescapeLiteralAt(escapeAtSymbols(input))).toBe(input);
   });
+
+  describe('checkPermissions', () => {
+    it('should handle ENAMETOOLONG gracefully in checkPermissions', async () => {
+      const longPath = 'a'.repeat(5000);
+      const query = `@${longPath}`;
+
+      const localMockConfig = {
+        getTargetDir: () => '.',
+        validatePathAccess: () => true,
+        getResourceRegistry: () => ({
+          findResourceByUri: () => undefined,
+        }),
+      } as unknown as Config;
+
+      // checkPermissions should not throw ENAMETOOLONG
+      const permissions = await checkPermissions(query, localMockConfig);
+      expect(permissions).toEqual([]);
+    });
+  });
 });