Static-analysis pass over a plugin's source tree.

Behind mix mob.audit_plugins (see MOB_PLUGIN_SECURITY.md). Walks the plugin's Elixir sources (lib/**/*.ex{,s}) with an AST scanner and its C NIF sources (priv/native/**/*.{c,h}) with a tighter regex pass, flagging patterns Mob considers risky:

• Code.eval_string/1,2,3 and Code.compile_string/1,2 — the prime arbitrary-code-execution vector. Severity :high.
• String.to_atom/1 with a non-literal argument — atom-exhaustion risk. A literal String.to_atom("foo") is fine; flagged only when the argument is a variable or expression. Severity :medium.
• :erlang.binary_to_term/1 — unbounded deserialization. The arity-2 form :erlang.binary_to_term(bin, [:safe]) does not fire (caller has opted into the bounded variant). Severity :high.
• Application.put_env/3,4 targeting :mob — would let a plugin silently retarget plugin activations, host_config keys, etc. get_env is fine. Severity :medium.
• File / network I/O escape hatches outside the plugin's own priv/: File.write{,!}/1,2, File.rm_rf{,!}/1, File.cp{,!}/2, :os.cmd/1, System.cmd/2,3, Path.expand/1 with a ~ literal. We don't try to prove what they touch — flag and let the plugin author either remove or justify. Severity :medium.
• In C NIF sources: calls to system(3), popen(3), execve(2), and raw socket(2) creation. Regex over comment-stripped text. Severities :medium (socket) and :high (system/popen/execve).

Swift / Kotlin sources are out of scope for this commit — the spec (MOB_PLUGIN_SECURITY.md) calls for proper parsers there, and the task surfaces a "not yet audited" summary line instead of guessing with regex.

All checks are pure given file inputs; the only I/O is reading source files off disk.