fix: address 0.5.0 release blockers #48

Merged: ggonzalez94 merged 2 commits into main from fix/050-release-blockers, Mar 20, 2026
@ggonzalez94 ggonzalez94 commented Mar 20, 2026

Summary

  • Security: Tempo batched swap pre-sign policy now validates approve call.Target against the action's input token, enforces at most one approve per batch, and requires value=0 on approve calls. Prevents tampered actions from sneaking approvals on arbitrary tokens.
  • Moonwell RPC: Wires --rpc-url for lend markets, lend rates, and yield opportunities so users can override the default Base RPC (https://mainnet.base.org) for on-chain multicall reads.
  • Docs: Adds wallet balance to Mintlify command reference; fixes Tempo signer "spending limits" → "expiry checks" across README/CHANGELOG/Mintlify; surfaces Moonwell mWETH/native ETH caveat in public docs.

Changes

| File | What |
| --- | --- |
| internal/execution/policy_basic.go | Approve target, count, and value validation in validateTempoSwapCalls |
| internal/execution/policy_basic_test.go | 3 regression tests: wrong token, duplicate approve, non-zero value |
| internal/providers/moonwell/client.go | SetRPCOverride method |
| internal/app/runner.go | --rpc-url flag for markets/rates/opportunities + applyRPCOverride helper |
| docs/reference/wallet-and-meta-commands.mdx | Wallet balance reference (renamed from meta-commands) |
| docs/reference/commands-overview.mdx | Added wallet to command list |
| docs/docs.json | Updated nav slug |
| README.md | Tempo signer wording fix + Moonwell mWETH caveat |
| CHANGELOG.md | Tempo signer wording fix |
| docs/concepts/providers-and-auth.mdx | Tempo signer wording fix + Moonwell mWETH caveat |

Test plan

  • go test ./... passes
  • go vet ./... clean
  • New regression tests cover wrong-token approve, duplicate approve, non-zero value approve
  • Existing batched swap test updated with token_in metadata
  • Smoke lend markets --provider moonwell --chain 8453 --asset USDC --rpc-url <reliable-rpc> on Base
  • Verify Mintlify docs render (npx mint validate from docs/)

🤖 Generated with Claude Code


Note

Medium Risk
Strengthens pre-sign validation for Tempo batched swap steps, which directly affects transaction safety and could block previously accepted (but unsafe) actions. Also changes cached request keys/behavior for Moonwell read commands by introducing --rpc-url overrides, which may impact caching and provider connectivity.

Overview
Hardens Tempo batched swap pre-sign policy by enforcing at most one ERC-20 approve call per batch, requiring approve to have value=0, and validating the approve call.Target against the action’s token_in metadata (with new regression tests covering wrong-token, duplicate-approve, non-zero-value, and missing-metadata cases).

Adds user-configurable RPC routing for on-chain Moonwell reads by wiring a --rpc-url override through lend markets, lend rates, and yield opportunities (including cache-keying on rpc_url) via a new rpcConfigurable/applyRPCOverride helper and a moonwell.Client.SetRPCOverride implementation.

Docs/navigation updates: adds wallet to the command reference and expands the wallet balance docs page, fixes Tempo --signer tempo wording, and documents Moonwell mWETH/native ETH wrapping caveats.

Written by Cursor Bugbot for commit a4f7640.

Security: validate approve call.Target against action input token in
batched Tempo swap pre-sign checks, enforce at most one approve per
batch, and require zero value on approve calls. Adds three regression
tests covering wrong-token approve, duplicate approve, and non-zero
value approve.

Moonwell: wire --rpc-url flag for lend markets, lend rates, and yield
opportunities commands so users can override the default Base RPC for
on-chain multicall reads.

Docs: add wallet balance to Mintlify command reference; fix Tempo signer
wording from "spending limits" to "expiry checks" across README,
CHANGELOG, and Mintlify; surface Moonwell mWETH/native ETH caveat in
README and Mintlify provider docs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@cursor cursor Bot left a comment

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Comment thread internal/execution/policy_basic.go
Addresses Bugbot review: a tampered action that omits token_in from
metadata previously bypassed the approve target check. Now missing
token_in metadata causes the approve call to be rejected outright.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@ggonzalez94 ggonzalez94 merged commit 2627f6d into main Mar 20, 2026
15 checks passed
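
The approve rules this PR describes (single approve per batch, zero value, target equal to `token_in`, and rejection when `token_in` is missing) can be sketched as follows. This is an added example, not the project's `validateTempoSwapCalls` code: the `Call` type, `isZero` and `checkBatchApproves` are hypothetical names, and the addresses are constructed.

```go
package main

import (
	"fmt"
	"math/big"
	"strings"
)

// Call is a hypothetical shape for one call in a batched step (not the project's type).
type Call struct {
	Target string // contract address being called
	Value  string // native value, decimal or 0x-hex; "" means none
	Data   string // 0x-prefixed hex calldata
}

const approveSelector = "0x095ea7b3" // ERC-20 approve(address,uint256) selector

// isZero reports whether v is empty or parses to 0; unparseable values count as non-zero.
func isZero(v string) bool {
	n, ok := new(big.Int).SetString(v, 0)
	return v == "" || (ok && n.Sign() == 0)
}

// checkBatchApproves checks every approve in a batch; tokenIn is the token_in metadata ("" if absent).
func checkBatchApproves(calls []Call, tokenIn string) error {
	seen := false
	for i, c := range calls {
		if !strings.HasPrefix(strings.ToLower(c.Data), approveSelector) {
			continue // not an approve; other call checks are out of scope here
		}
		switch {
		case seen:
			return fmt.Errorf("call %d: more than one approve in batch", i)
		case !isZero(c.Value):
			return fmt.Errorf("call %d: approve must carry zero value", i)
		case tokenIn == "": // fail closed: nothing to compare the target against
			return fmt.Errorf("call %d: approve present but token_in metadata is missing", i)
		case !strings.EqualFold(c.Target, tokenIn): // hex casing varies with checksums
			return fmt.Errorf("call %d: approve target %s is not token_in", i, c.Target)
		}
		seen = true
	}
	return nil
}

func main() {
	bad := []Call{{Target: "0x2222222222222222222222222222222222222222", Data: approveSelector}} // constructed
	fmt.Println(checkBatchApproves(bad, "0x1111111111111111111111111111111111111111"))
}
```

The missing-metadata case is checked before the target comparison so that an action with no `token_in` is rejected rather than skipping the comparison, which is the bypass the second commit closes.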