fix: address multi-model review consensus — movePath guard, case-insensitive matching, expanded patterns

Fixes from consensus across GPT 5.2, Kimi K2.5, MiniMax M2.5, and GLM-5 reviews:

- Add `assertSensitiveWrite(ctx, movePath)` for move destinations in `apply_patch`
  (CRITICAL: 3 models flagged that moves to `.ssh/`, `.env` bypassed sensitive check)
- Add case-insensitive matching on macOS/Windows for sensitive dirs and files
  (`.GIT/config`, `.SSH/id_rsa` now correctly detected on case-insensitive FS)
- Expand `SENSITIVE_FILES` with `.htpasswd`, `.pgpass`
- Add `SENSITIVE_EXTENSIONS` for private keys: `.pem`, `.key`, `.p12`, `.pfx`
- Add tests: case-insensitive matching, certificate extensions, credential files

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: anandgupta42