feat(replicated): clarify file/env injection contract with explicit errors

[elasticclaw-factory]

Fixes #300

The Replicated CMX provider cannot inject TemplateFiles or Env at creation time because the VM must be running before SSH is available. The hub's bootstrapReplicated path already handles file injection separately after the VM is running.

This change makes the contract explicit rather than silently ignoring data:

• Create() now returns an error if TemplateFiles or Env are provided
• ProvisionClaw() now returns an error if templateFiles are provided
• Added provider-level tests for the error behavior
• Added documentation comments explaining the limitation and pointing to the bootstrap path

[greptile-apps]

Comments Outside Diff (1)

1. pkg/provider/replicated/replicated.go, line 241-263 (link)

   env silently dropped despite docstring claiming it is passed through

   The doc comment says "env is passed through to the bootstrap script", but the implementation never touches env — it calls p.CreateVM(ctx, req) and returns immediately without forwarding the map anywhere. A caller that passes env vars here will get neither an error nor any effect, which is exactly the silent data loss the PR is designed to eliminate.

   Either the guard should mirror the Create() pattern and reject a non-nil env with an error, or the docstring must be corrected to state that env is ignored (and the hub's bootstrap path is solely responsible for environment injection). As written, the misleading comment makes it easy for future callers to assume the values are applied.

_{Reviews (1): Last reviewed commit: "feat(replicated): clarify file/env injec..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (2): Last reviewed commit: "fix(replicated): reject env in Provision..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (3): Last reviewed commit: "Defer replicated env injection during pr..." | Re-trigger Greptile}