Use centrally managed tsp-client installation instead of on-demand npx execution

[raych1]

Currently, we invoke npx --yes {packageName} to run tsp-client. This approach installs the latest version of the package globally if it's not already available locally, which can introduce unnecessary changes in the environment and expose us to potential risks from malicious dependencies.

To mitigate these risks and ensure consistent behavior, we should update our tooling to use the tsp-client binary installed in the centralized location at eng/common/tsp-client, rather than dynamically fetching it with npx.

For usage instructions and best practices, please refer to the central tsp-client usage guideline.

[m-redding]

The check and instruction pairing that I tried to fix in #13660 doesn't work together, so as part of this one of those needs to be updated. Independent of the tool, you can't follow that instruction and then run the check, the check fails

[raych1]

You're right. The check would need to be aligned with the installed location.