fix(llm-security): B1 pathguard regex — match multi-segment .env.*.*

The previous ENV regex `/[\\/]\.env\.[a-z]+$/` only matched a single
lowercase segment after `.env`. Multi-segment and mixed-case variants
such as `.env.production.local.backup`, `.env.stage-1.local`, and
`.env.CI.secret` slipped past the hook. Replaced with
`/[\\/]\.env(\.[A-Za-z0-9._-]+)*$/` which matches `.env` plus any
number of dot-separated alphanumeric/dot/hyphen/underscore segments.
`.envrc` (direnv config, no dot separator) is still allowed.

Addresses critical review 2026-04-20 §2 B1 (HIGH).

Tests: 7 added (6 new multi-segment BLOCK cases + 1 .envrc ALLOW).
All 1494 tests pass.

plugins/llm-security/hooks/scripts/pre-write-pathguard.mjs

@@ -17,11 +17,15 @@ import { getPolicyValue } from '../../scanners/lib/policy-loader.mjs';
 // Sensitive path patterns — 8 categories
 // ---------------------------------------------------------------------------
 
-/** Category 1: Environment files */
+/** Category 1: Environment files
+ *  Matches `.env` and any multi-segment suffix after it, e.g.
+ *  `.env.local`, `.env.production.local.backup`, `.env.stage-1.local`,
+ *  `.env.CI.secret`. Does NOT match `.envrc` (direnv) — no dot separator.
+ *  v7.1.0 B1 fix: previous regex `/[\\/]\.env\.[a-z]+$/` only matched a
+ *  single lowercase segment after `.env`.
+ */
 const ENV_PATTERNS = [
-  /[\\/]\.env$/,
-  /[\\/]\.env\.[a-z]+$/,          // .env.local, .env.production, etc.
-  /[\\/]\.env\.local$/,
+  /[\\/]\.env(\.[A-Za-z0-9._-]+)*$/,
 ];
 
 /** Category 2: SSH directory */