ci(release): bump plugin manifests on release; fix marketplace docs

[simonfaltum]

Summary

Makes the Release workflow keep the plugin version in sync with the release tag, and fixes a few Claude Code marketplace docs.

Claude Code's plugin marketplace keys updates on the version field in .claude-plugin/plugin.json. Releases never bumped it (the workflow only tagged and created a GitHub release), so marketplace clients stay on the cached copy and never see new skills. The drift is already live: the latest tag is v0.2.1 but the manifest still says 0.2.0.

Changes

Release pipeline

• New scripts/bump_version.py <vX.Y.Z>: sets version in .claude-plugin/plugin.json and .cursor-plugin/plugin.json to the release version and regenerates manifest.json. Reuses skills.py generation and is stdlib-only, so it runs on the protected runner that can't reach pypi.
• release.yml now: validate tag, run the bump script, commit the bump to main, then create the tag and release from that commit. The tag therefore points at the bumped manifests.

Docs

• README: the Claude Code install command is databricks@databricks-agent-skills (was databricks-skills, which is the Cursor install identifier). Also corrected the example plugin cache path. Cursor's /add-plugin databricks-skills is left unchanged (it is correct, per .cursor-plugin/NOTES.md).
• README: softened the "all release tags will be GPG-signed" claim to match reality. Tags are currently lightweight and unsigned. Wiring real signing needs a release signing key, deferred.
• CONTRIBUTING: added a Releasing section documenting the flow and the cli-compat.json follow-up PR in the CLI repo.

This PR does not itself bump the version (no release is being cut here). The existing 0.2.0 vs v0.2.1 drift self-corrects on the next release via the new workflow.

Reviewer notes

• The commit-to-main step needs CI push access to main. If main is branch-protected, add a bypass (or a PAT) or the push step will fail.
• The workflow commits as github-actions[bot] with -s (DCO sign-off). If a DCO app is enforced org-wide, allowlist the bot.

Documentation safety checklist

No skill examples were added or changed in this PR.

• Examples use least-privilege permissions (no unnecessary ALL PRIVILEGES, admin tokens, or broad scopes)
• Elevated permissions are explicitly called out where required
• Sensitive values are obfuscated (placeholder workspace IDs, URLs, no real tokens)
• No insecure patterns introduced (e.g. disabled TLS verification, hardcoded credentials)

Test plan

• python3 scripts/skills.py validate passes before and after the change.
• Ran bump_version.py v0.2.1: produced single-line version bumps in both plugin manifests, manifest.json unchanged (it keys on per-skill versions); reverted afterward.
• Dry-run the Release workflow once main push access is confirmed.

This pull request and its description were written by Isaac.