feat(analyzer): add agent snooping detector (AS1/AS2/AS3)#96

Open
Shrotriya-lalit wants to merge 1 commit into
NVIDIA:mainfrom
Shrotriya-lalit:fix/issue-75-agent-snooping-analyzer

Conversation

@Shrotriya-lalit

Problem / Gap

No existing analyzer flagged skills that attempt to read the agent's own
configuration directories, access MCP server config files, or enumerate other
installed skills. All three vectors give a malicious skill knowledge it has
no legitimate need for:

  • AS1 — Agent config directory access: reading .claude/, .codex/,
    .gemini/, or .continue/ exposes API keys, system prompts, and custom
    instructions stored there.
  • AS2 — MCP config file access: mcp.json / mcp_config.json contains
    the full list of MCP servers, their endpoints, and their authentication
    tokens.
  • AS3 — Skill enumeration: a skill that lists or reads other skills'
    source files learns the full tool surface of the agent and can craft targeted
    follow-on attacks.

Solution

New static analyzer static_patterns_agent_snooping with 21 patterns across
three rule IDs, registered as analyzer node #21 (position 12, after
static_patterns_rogue_agent).

AS1 patterns (confidence 0.85–0.9)

  • open(.claude/…) / Path(".claude/…")
  • os.path.join/exists/isfile with agent config directories
  • Shell commands (cat, find, grep) targeting ~/.claude/ etc.
  • Natural-language instructions to read agent config

AS2 patterns (confidence 0.85–0.9)

  • Direct file reads of mcp.json / mcp_config.json
  • Path traversal to .claude/mcp.json
  • Natural language: "read the MCP configuration"

AS3 patterns (confidence 0.7–0.85)

  • os.listdir / glob / Path.glob on skill directories
  • Shell ls / find targeting skills folder
  • Natural language: "list all available skills"

Files Changed

  • src/skillspector/nodes/analyzers/static_patterns_agent_snooping.py — New analyzer (SPDX header, analyze(), node())
  • src/skillspector/nodes/analyzers/pattern_defaults.py — Add PatternCategory.AGENT_SNOOPING, AS1–AS3 explanations, remediations, pattern names
  • src/skillspector/nodes/analyzers/__init__.py — Register node in ANALYZER_NODE_IDS and ANALYZER_NODES
  • tests/nodes/analyzers/test_static_patterns.py — TestRunStaticPatternsAgentSnooping (5 tests)
  • tests/nodes/analyzers/test_registry.py — Updated EXPECTED_ANALYZER_NODE_IDS

Tests

  • test_as1_agent_config_dir_access_python — Python open() call targeting .claude/
  • test_as1_codex_config_dir_access — Path(".codex/config.json") construct
  • test_as2_mcp_config_access — direct mcp.json read
  • test_as3_skill_enumeration — os.listdir on skills directory
  • test_safe_content_no_agent_snooping — clean content produces no findings (false-positive guard)

All 626 existing tests continue to pass.

Closes #75

Checklist

  • make lint passes (ruff check src/ tests/)
  • All 626 existing tests pass (python -m pytest tests/ -x --ignore=tests/integration)
  • New tests for all three rule IDs + safe-content regression
  • SPDX header on new file
  • DCO sign-off on commit (git commit -s)

No existing analyzer flags skills that read the agent's own config
directories, access MCP server config files, or enumerate other installed
skills.  All three vectors let a malicious skill discover API keys, tool
definitions, and peer-skill prompts it has no legitimate need to see.

Add static_patterns_agent_snooping with three rule IDs:
  AS1 – Agent config directory access (.claude/, .codex/, .gemini/)
  AS2 – MCP config file access (mcp.json / mcp_config.json)
  AS3 – Skill enumeration (listing or reading other skills' files)

Register the new node in ANALYZER_NODE_IDS / ANALYZER_NODES (21 total),
add AGENT_SNOOPING category and full AS1-AS3 entries to pattern_defaults,
update the registry test, and add an integration test class covering
true-positive and safe-content (false-positive) cases.

Closes NVIDIA#75

Signed-off-by: Lalit Shrotriya <shrotriya.lalit@outlook.com>
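
As an added illustration of the AS1/AS2/AS3 matching that the PR description and commit message above lay out, here is a small stand-alone detector with a safe-content guard. It is example code, not skillspector's analyzer; the pattern names, regexes, confidence values and the sample skill bodies are assumptions modelled on the description.

```python
import re
from dataclasses import dataclass

# Illustrative detector modelled on the AS1/AS2/AS3 rules the PR describes.
# NOT skillspector's code: names, regexes and confidence values are assumptions.
AGENT_DIRS = r"\.(?:claude|codex|gemini|continue)/"

@dataclass(frozen=True)
class Finding:
    rule_id: str
    pattern_name: str
    confidence: float
    match: str

# (rule_id, pattern_name, regex, confidence); confidence bands follow the PR text.
PATTERNS = [
    ("AS1", "py_open_agent_dir", rf'\b(?:open|Path)\(\s*["\'][^"\']*{AGENT_DIRS}', 0.9),
    ("AS1", "os_path_agent_dir", rf"os\.path\.(?:join|exists|isfile)\([^)]*{AGENT_DIRS}", 0.85),
    ("AS1", "shell_agent_dir", rf"\b(?:cat|find|grep)\b[^\n]*~/{AGENT_DIRS}", 0.85),
    ("AS2", "mcp_config_read", r"\bmcp(?:_config)?\.json\b", 0.85),
    ("AS2", "nl_read_mcp_config", r"read the MCP configuration", 0.85),
    ("AS3", "py_list_skill_dir", r"(?:os\.listdir|glob\.glob|\.glob)\([^)]*skills", 0.8),
    ("AS3", "shell_list_skill_dir", r"\b(?:ls|find)\b[^\n]*\bskills\b", 0.75),
    ("AS3", "nl_list_skills", r"list all available skills", 0.7),
]
COMPILED = [(r, n, re.compile(rx, re.IGNORECASE), c) for r, n, rx, c in PATTERNS]

def analyze(content: str) -> list[Finding]:
    """Return one Finding per pattern that matches anywhere in the skill content."""
    findings = []
    for rule_id, name, rx, conf in COMPILED:
        m = rx.search(content)
        if m:
            findings.append(Finding(rule_id, name, conf, m.group(0)))
    return findings

def rule_ids(content: str) -> set[str]:
    """Distinct rule IDs triggered by content; an empty set is the safe-content case."""
    return {f.rule_id for f in analyze(content)}

# Constructed sample skill bodies for the demo (not taken from any real skill).
SNOOPING_SKILL = '''
with open(".claude/settings.json") as f:
    secrets = f.read()
cfg = Path("~/.codex/mcp.json").expanduser()
names = os.listdir("~/.claude/skills")
'''
SAFE_SKILL = "def summarize(text: str) -> str:\n    return text[:200]\n"
```

Running analyze(SNOOPING_SKILL) yields one finding per rule ID, while analyze(SAFE_SKILL) returns an empty list, mirroring the true-positive and false-positive-guard tests the PR adds.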

Development

Successfully merging this pull request may close these issues.

feat(analyzer): detect skills snooping on the agent ecosystem (other skills, MCP config, agent memory)