fix: ExecuteExtraTool 加 schema 预校验防止 deferred 工具崩溃

模型通过 ExecuteExtraTool 调 CronCreate 时把字段名拼成 schedule（而非
cron），raw params 透传到 validateInput，input.cron 为 undefined，触
发 parseCronExpression 的 expr.trim() 抛 TypeError。所有参数组合同
样崩溃，与具体参数无关。

三层修复：
- ExecuteTool.call 在调 validateInput 前先跑 targetTool.inputSchema.
  safeParse（鸭子类型跳过 MCP），失败时返回 formatZodValidationError
  友好消息，成功时透传 parsed data 让 .default() 生效、strictObject
  拦截多余字段。这是架构根治，覆盖所有 deferred 工具。
- CronCreateTool.validateInput 顶部加 typeof string 守卫，给模型精确
  字段错误消息。
- parseCronExpression 顶部加 typeof string 守卫，覆盖 cronToHuman 等
  所有调用者。

新增 4 个测试覆盖：cron undefined 输入返回 null、ExecuteTool schema
验证拒绝错字段名且 validateInput 不被触达、.default() 透传、MCP-like
工具跳过 schema 校验。

Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>

src/utils/__tests__/cron.test.ts

@@ -94,6 +94,16 @@ describe('parseCronExpression', () => {
     test('returns null for non-numeric tokens', () => {
       expect(parseCronExpression('abc * * * *')).toBeNull()
     })
+
+    test('returns null for undefined input without throwing', () => {
+      // CronCreateTool.validateInput receives raw params from ExecuteExtraTool;
+      // when the model passes a wrong field name (e.g. 'schedule' instead of
+      // 'cron'), input.cron is undefined. Calling .trim() on undefined crashes
+      // with "undefined is not an object" — parseCronExpression must fail
+      // gracefully so the tool layer can return a clear validation error.
+      expect(parseCronExpression(undefined as unknown as string)).toBeNull()
+      expect(parseCronExpression(null as unknown as string)).toBeNull()
+    })
   })
 
   describe('field range validation', () => {

src/utils/cron.ts

@@ -81,6 +81,12 @@ function expandField(field: string, range: FieldRange): number[] | null {
  * Returns null if invalid or unsupported syntax.
  */
 export function parseCronExpression(expr: string): CronFields | null {
+  // Defensive against non-string input: ExecuteExtraTool passes raw params
+  // through to validateInput without re-running the target tool's schema, so
+  // a wrong field name (e.g. 'schedule' instead of 'cron') surfaces here as
+  // undefined. Without this guard, .trim() below throws "undefined is not an
+  // object" — every CronCreate call from ExecuteExtraTool fails identically.
+  if (typeof expr !== 'string') return null
   const parts = expr.trim().split(/\s+/)
   if (parts.length !== 5) return null