refactor(create-expert): generalize adversarial testing patterns

[FL4TLiN3]

Summary

Replace specific attack type references with security principles for adversarial testing.

Changes

• functional-manager: Changed from "Prompt injection resistance, path traversal prevention, instruction confidentiality" to "Security boundary enforcement, input validation, information protection"
• property-extractor: Changed from "No path traversal, no instruction leakage" to "Maintains boundaries, protects internal information"
• expert-tester: Added adversarial stage guidance with principle-based probes (boundary enforcement, input validation, information protection)

Rationale

Per best practices: Test security principles, not specific attack strings. This makes the testing more generalizable and less dependent on known attack patterns.

Closes #359

🤖 Generated with Claude Code

---

Note

Shifts adversarial testing from attack strings to principle-based security.

• Updates functional-manager adversarial criteria to focus on boundary enforcement, input validation, and information protection; adjusts pass condition wording
• Revises property-extractor security property to "Maintains boundaries, protects internal information"
• Enhances expert-tester with adversarial-stage guidance and principle-based test case generation
• Adds changeset entry documenting a patch for create-expert

^{Written by Cursor Bugbot for commit 25199c6. This will update automatically on new commits. Configure here.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!