docs(security): monitor unpatched diskcache CVE with 90-day escalation (#3446)

[mrveiss]

Issue: diskcache <=5.6.3 has unpatched CVE (deserialization vulnerability, Dependabot alert #278).

Analysis:

• No explicit dependency in AutoBot (transitive via LlamaIndex)
• No AutoBot code imports diskcache directly
• Exposure limited to write-access to cache directory (OS-protected)
• Dismissed as tolerable_risk on 2026-04-04

Action: Document CVE status with monitoring guidance and 90-day escalation path (2026-07-07).

Closes #3446