feat: 实现完整安全防护系统

Phase 1 - 威胁检测引擎:
- security/threat_detector.py: JNDI/SQL/XSS/路径遍历/命令注入检测
- security/constants.py: 威胁检测规则和评分常量
- 数据库表: threat_events, ip_risk_scores, user_risk_scores, ip_blacklist

Phase 2 - 风险评分与黑名单:
- security/risk_scorer.py: IP/用户风险评分引擎，支持分数衰减
- security/blacklist.py: 黑名单管理，自动封禁规则

Phase 3 - 响应策略:
- security/honeypot.py: 蜜罐响应生成器
- security/response_handler.py: 渐进式响应策略

Phase 4 - 集成:
- security/middleware.py: Flask安全中间件
- routes/admin_api/security.py: 管理后台安全仪表板API
- 36个测试用例全部通过

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app.py

@@ -32,6 +32,7 @@ from browser_pool_worker import init_browser_worker_pool, shutdown_browser_worke
 from realtime.socketio_handlers import register_socketio_handlers
 from realtime.status_push import status_push_worker
 from routes import register_blueprints
+from security import init_security_middleware
 from services.browser_manager import init_browser_manager
 from services.checkpoints import init_checkpoint_manager
 from services.maintenance import start_cleanup_scheduler
@@ -98,6 +99,9 @@ init_logging(log_level=config.LOG_LEVEL, log_file=config.LOG_FILE)
 logger = get_logger("app")
 init_runtime(socketio=socketio, logger=logger)
 
+# 初始化安全中间件（需在其他中间件/Blueprint 之前注册）
+init_security_middleware(app)
+
 # 注册 Blueprint（路由不变）
 register_blueprints(app)