feat: add ssr-browser-api-guard lint rule

[danielchen0]

Summary

• Adds ssr-browser-api-guard rule that detects browser-only globals (window, localStorage, navigator, document, location, history, alert, confirm, prompt, self) in files without a "use client" directive
• These references crash during SSR in server components — 510+ production errors/week
• Complements the existing browser-api-in-useeffect rule (which targets client files) by catching the server component case
• Allows safe contexts: useEffect, typeof guards, && short-circuits, event handlers, addEventListener
• Platform: web only

Test plan

Scenario	Expected
window.innerWidth in file without "use client"	Error flagged
localStorage.getItem() in file without "use client"	Error flagged
navigator.language in server component	Error flagged
alert() call in server component	Error flagged
Same code with "use client" directive	No error (deferred to browser-api-in-useeffect)
Access inside useEffect	No error
Access inside typeof window !== 'undefined' guard	No error
typeof window !== 'undefined' && window.foo short-circuit	No error
Access inside onClick handler	No error