v0.1.11 — Correctness + safety fixes

@SurajKGoyal SurajKGoyal released this 26 May 11:39
· 29 commits to main since this release

Critical fixes from full code/security/performance review:

Correctness

  • FQN normalization centralized — db_annotate, db_discover_relationships, db_get_relationships, db_sync_knowledge now all use the same canonical key as db_get_schema. Fixes the teammate-reported bug where annotations silently vanish.
  • truncated flag no longer a false positive on exact-fit results
  • column_name lookups now case-insensitive (fixes 'OrderDate' vs 'orderdate' merge failures)

Safety

  • SELECT INTO OUTFILE / DUMPFILE / SELECT * INTO new_table now rejected by the static analyzer (closes MySQL filesystem-write bypass)
  • db_search no longer crashes on * or other unsupported FTS queries — returns []
  • Tunnel script TimeoutExpired caught and re-raised as RuntimeError with helpful message
  • Knowledge SQLite files now chmod 600 on POSIX (was world-readable)

Tests: 176/176 pass (+30 new regression tests covering INTO bypass, FTS edge cases, FQN normalization, tunnel timeout, column case, file permissions).
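
A fail-closed check for the INTO forms listed under Safety, added here as an illustration; it is not the project's analyzer. The function names and sample queries are constructed, and the check assumes it runs on statements already known to be SELECTs.

```python
import re
from typing import Optional

_INTO = re.compile(r"\bINTO\b", re.IGNORECASE)

def _blank_quoted(sql: str, backslash_escapes: bool) -> Optional[str]:
    """Replace '...', "..." and `...` spans with a space; None if one is unterminated."""
    out, i, n = [], 0, len(sql)
    while i < n:
        ch = sql[i]
        if ch not in "'\"`":
            out.append(ch)
            i += 1
            continue
        quote, i = ch, i + 1
        while True:
            if i >= n:
                return None                      # literal never closed
            c = sql[i]
            if backslash_escapes and c == "\\" and quote != "`":
                i += 2                           # backslash-escaped character
            elif c == quote and sql[i + 1:i + 2] == quote:
                i += 2                           # doubled quote stays inside the literal
            elif c == quote:
                i += 1
                break
            else:
                i += 1
        out.append(" ")
    return "".join(out)

def rejects_select_into(sql: str, backslash_escapes: Optional[bool] = None) -> bool:
    """True if a SELECT carries an INTO keyword outside quoted text.

    Covers INTO OUTFILE, INTO DUMPFILE and SELECT ... INTO new_table alike.
    Comments are deliberately not stripped: engines disagree on comment syntax,
    so an INTO inside a comment is rejected as well. When the engine's string
    escaping is unknown (None), both readings are scanned and either can reject.
    """
    modes = (True, False) if backslash_escapes is None else (backslash_escapes,)
    for mode in modes:
        code = _blank_quoted(sql, mode)
        if code is None or _INTO.search(code):
            return True
    return False
```

Pass backslash_escapes=True for MySQL-style strings to avoid rejecting legitimate queries that contain \' inside a literal.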