fix: nightly hardening - config numeric bounds validation

[mouse-value-add]

Problem

PromptLens accepted invalid numeric config values (for example negative retry delay, zero timeout, or out-of-range temperature). These values can slip through config load and fail later at runtime in less obvious ways.

Approach

• Added strict numeric bounds to core config models in promptlens/models/config.py:
  • temperature constrained to 0.0..2.0
  • max_tokens and timeout constrained to positive values
  • parallel_requests positive, retry_attempts non-negative
  • retry_delay_seconds non-negative, timeout_seconds positive
• Added tests/test_config_bounds_validation.py with focused negative cases to ensure invalid values are rejected at parse time.

Verification

• Ran: python3 -m pytest -q tests/test_config_bounds_validation.py
• Result: 8 passed.

Risks

• Some existing user configs with previously tolerated but invalid values will now fail fast during validation.

Rollback Plan

• Revert commit c84798b to restore previous permissive behavior.