feat(llm-security): seed top-jetbrains-plugins.json + loadJetBrainsBlocklist export

Step 1/17 of ultraplan-2026-04-17-jetbrains-ide-scan.

- Populate top-jetbrains-plugins.json with 56 canonical xmlIds (bundled +
  popular third-party): com.intellij.java, org.jetbrains.kotlin,
  com.jetbrains.python.community, org.rust.lang, com.github.copilot,
  mobi.hsz.idea.gitignore, the legitimate-typo 'Lombook Plugin', etc.
- Add loadJetBrainsBlocklist() export mirroring loadVSCodeBlocklist shape.
  Blocklist is empty by design — no public confirmed-malicious JetBrains
  Marketplace plugins as of 2026-04-17.
- Add tests/scanners/ide-extension-data.test.mjs (9 tests, all pass).
- Fix cache bug in loadTopJetBrains: map normalizeId on cache-hit path too
  (was previously unnormalized on second call).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

plugins/llm-security/knowledge/top-jetbrains-plugins.json

@@ -1,10 +1,68 @@
 {
   "_meta": {
-    "source": "Stub for v1.1 — IntelliJ discovery deferred. See research brief §2, §4.",
-    "count": 0,
+    "source": "Curated from JetBrains Marketplace + bundled IDE plugins per research brief §3 (2026-04-17). See docs/plans/jetbrains-research-brief.md.",
+    "count": 56,
     "last_updated": "2026-04-17",
-    "purpose": "Typosquat detection seed for JetBrains plugins. To be populated in v1.1."
+    "purpose": "Typosquat detection seed for JetBrains plugins. Canonical xmlIds — Levenshtein <= 2 against these flags suspicious lookalikes.",
+    "blocklist_note": "Empty by design — no public confirmed-malicious JetBrains Marketplace plugins as of 2026-04-17. Enterprise policy.json can seed private entries with form {id, version_range, reason, source}."
   },
-  "jetbrains": [],
+  "jetbrains": [
+    "com.intellij.java",
+    "com.intellij.java-i18n",
+    "com.intellij.copyright",
+    "com.intellij.properties",
+    "com.intellij.platform.images",
+    "com.intellij.tasks",
+    "com.intellij.terminal",
+    "com.intellij.markdown",
+    "com.intellij.gradle",
+    "com.intellij.groovy",
+    "com.intellij.maven",
+    "com.intellij.database",
+    "com.intellij.clouds.kubernetes",
+    "com.intellij.clouds.docker",
+    "com.intellij.spring",
+    "com.intellij.javaee",
+    "com.intellij.javaee.web",
+    "com.intellij.javaee.app.servers.integration",
+    "com.intellij.settingsSync",
+    "com.intellij.plugins.watcher",
+    "org.jetbrains.plugins.yaml",
+    "org.jetbrains.plugins.gradle",
+    "org.jetbrains.plugins.github",
+    "org.jetbrains.idea.eclipse",
+    "org.jetbrains.plugins.vue",
+    "org.jetbrains.plugins.node",
+    "org.jetbrains.plugins.javaFX",
+    "org.jetbrains.plugins.gitlab",
+    "org.jetbrains.plugins.textmate",
+    "org.jetbrains.kotlin",
+    "org.jetbrains.plugins.ruby",
+    "org.jetbrains.idea.maven",
+    "org.jetbrains.plugins.terminal",
+    "com.jetbrains.php",
+    "com.jetbrains.python",
+    "com.jetbrains.python.community",
+    "com.jetbrains.space",
+    "com.jetbrains.restClient",
+    "com.jetbrains.rust",
+    "org.intellij.scala",
+    "org.rust.lang",
+    "com.github.copilot",
+    "com.sonarlint.idea",
+    "mobi.hsz.idea.gitignore",
+    "Lombook Plugin",
+    "com.google.idea.bazel.ijwb",
+    "org.asciidoctor.intellij.asciidoc",
+    "org.toml.lang",
+    "String Manipulation",
+    "Key Promoter X",
+    "Rainbow Brackets",
+    "com.chrisrm.idea.MaterialThemeUI",
+    "com.markskelton.one-dark-theme",
+    "AceJump",
+    "CodeGlance",
+    "PlantUML integration"
+  ],
   "blocklist": []
 }