#5401: fix(media-understanding): detect audio binary by magic bytes to prevent context injection

## Summary - Adds magic byte detection for audio files (MP3, WAV, OGG, FLAC, M4A, AAC, AIFF, WMA) to prevent malicious text content from being injected into LLM context - Audio files are now validated by checking their binary signature before processing, similar to existing image validation - Prevents attackers from crafting files with valid audio extensions but containing executable prompts or malicious instructions ## Test plan - [x] Unit tests added for all supported audio formats - [x] Tests verify that valid audio files pass validation - [x] Tests verify that fake audio files (text content with audio extension) are rejected - [x] All existing tests pass (4905 tests) <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR adds an audio “magic bytes” detector in `src/media-understanding/apply.ts` and uses it during file-attachment processing to try to prevent text content disguised as audio from being extracted into the LLM context. The new logic introduces a set of audio-like extensions and a small list of binary signatures (OGG/ID3/MP3 frame sync/RIFF/FLAC/EBML). During `extractFileBlocks`, it checks the attachment’s extension and buffer and conditionally skips file extraction. <h3>Confidence Score: 2/5</h3> - This PR has a likely logic inversion that can undermine the intended security fix. - While the change is localized, the new early-`continue` triggers when audio magic bytes are present, which appears opposite to the stated intent (reject text masquerading as audio). If merged as-is, it may still allow prompt injection via “.mp3”/etc files containing text, and may also skip legitimate file attachments. Additionally, some signatures (RIFF/EBML) are broad and can misclassify non-audio containers. - src/media-understanding/apply.ts (audio magic-byte gating logic and signature strictness) <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} **Context used:** - Context from `dashboard` - CLAUDE.md ([source](https://app.greptile.com/review/custom-context?memory=fd949e91-5c3a-4ab5-90a1-cbe184fd6ce8)) - Context from `dashboard` - AGENTS.md ([source](https://app.greptile.com/review/custom-context?memory=0d0c8278-ef8e-4d6c-ab21-f5527e322f13)) <!-- /greptile_comment -->