feat: add Lua sandbox validation for plugins via deck plugin lint

[thesp0nge]

Introduces a robust static analysis tool for Lua plugin code within decK. The linter checks for security evasion patterns and compatibility with Kong Gateway sandbox levels (OSS and Enterprise profiles).

Key features:

• AST-based semantic analysis using gopher-lua.
• Multi-policy support via embedded YAML Knowledge Base.
• Support for stdin, literal code, and file input.
• Detection of dangerous side-channel attacks (e.g., SQL-to-shell).
• Detailed reporting with line numbers and severity levels.

[CLAassistant]

All committers have signed the CLA.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 50.51020% with 97 lines in your changes missing coverage. Please review.
✅ Project coverage is 33.07%. Comparing base (d45e00b) to head (a702de8).

Files with missing lines	Patch %	Lines
cmd/plugin_lint.go	0.00%	46 Missing ⚠️
plugin/lua/validator.go	69.71%	27 Missing and 16 partials ⚠️
cmd/plugin.go	0.00%	7 Missing ⚠️
cmd/root.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2068      +/-   ##
==========================================
+ Coverage   32.64%   33.07%   +0.43%     
==========================================
  Files          77       80       +3     
  Lines        7126     7322     +196     
==========================================
+ Hits         2326     2422      +96     
- Misses       4605     4688      +83     
- Partials      195      212      +17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.