Summary

Addresses the highest-priority issues from the full codebase audit (AUDIT.md). Three independent fixes across 58 files:

• ForEach crash prevention — ForEach($array) { $item in on mutable struct arrays causes out-of-bounds crashes when items are removed. Replaced with ID-based safe binding lookup via new Binding+SafeLookup extension in ConnectionSSHTunnelView, SSHProfileEditorView, and ExportTableTreeView.

• Sheet presentation for prompts — PasswordPromptHelper and PromptTOTPProvider used runModal() which freezes the entire app. Now use beginSheetModal(for:) as sheets on the active window, with runModal() fallback when no window is available.

• Localization fix — 112 instances of String(localized: "text \(var)") across 50 files created dynamic keys that never match the strings catalog. All replaced with String(format: String(localized: "text %@"), var).

Test plan

• SSH tunnel: add 3 jump hosts → delete the middle one → no crash
• SSH tunnel: reorder jump hosts via drag → no crash
• SSH profile editor: same jump host add/delete/reorder tests
• Export dialog: open → switch database type → tree refreshes without crash
• Connect with prompt-for-password enabled → password sheet appears on key window (not floating modal)
• Cancel password prompt → connection cancelled correctly
• SSH with TOTP prompt mode → verification code sheet appears on key window
• Verify localized strings display correctly (spot check status bar row counts, export dialog buttons, plugin error messages)
• Build succeeds with zero String(localized: interpolation violations