Add image size monitoring to verify step

[lex57ukr]

Problem

As tools are added to the ci-tools image, its size grows unbounded. There is no automated check to catch unexpected bloat (e.g. a tool pulling in large transitive dependencies).

Proposal

Add a size assertion to the verify step. For example, fail if the image exceeds a configurable threshold (e.g. 500MB). This could be:

• A check_size function in scripts/lib/verify.sh
• A Make target that runs docker image inspect and compares
• A simple assertion at the end of scripts/ci-tools/verify.sh

Context

Flagged during operational review. The image is currently lean (gcc is removed after use, caches are cleaned), but there is no guardrail to prevent regressions.