feat(analyzer): detect cloud-storage exfiltration as E5

[CharmingGroot]

Summary

The data_exfiltration analyzer (E1–E4) only models HTTP sinks (requests/httpx/urllib/fetch/curl/wget). Exfiltration through cloud-storage SDKs and CLIs was undetected: a skill that uploads data to an external bucket via boto3 scored 0/100 SAFE (#217). This adds E5, the cloud-storage counterpart of E1.

Changes

static_patterns_data_exfiltration.py gains E5_PATTERNS — boto3 put_object / upload_file(obj), aws s3 cp/sync/mv, aws s3api put-object, gsutil cp/rsync/mv, google-cloud-storage upload_from_*, az storage blob upload, and Azure upload_blob — and an E5 pass filtered through the existing is_code_example() helper (upload calls commonly appear in SKILL.md docs). pattern_defaults.py registers the E5 explanation, category, message, and remediation alongside E1–E4.

Before / After

A cloud-only upload skill (boto3 put_object + upload_fileobj, no credential read):

• Before: 0/100 SAFE, 0 findings — the cloud-exfiltration channel was entirely invisible
• After: E5 ×2 MEDIUM — the channel is surfaced for review

Design Decisions

Decision	Rationale
Severity MEDIUM, confidence 0.5–0.65	Mirrors E1. A standalone cloud upload can be a legitimate backup, so E5 surfaces the channel rather than hard-blocking — it adds no FP beyond E1's existing level.
Reuse is_code_example()	Upload calls appear in docs/examples; the shared helper suppresses those without new code.
Static pattern now, taint later	A high-confidence "credential/file → cloud upload" flow belongs in the taint sinks (TT3/TT4); noted as follow-up. With a credential read, E5 already rides alongside the 86/CRITICAL Case in #217.

The LLM layer scores the same cloud-only file 91/CRITICAL (SSD-3: "exfiltrate ... to an external cloud storage bucket"), so --no-llm / air-gapped / CI deployments were the exposed surface this closes.

Testing

8 new tests cover boto3 put_object and upload_file/upload_fileobj, aws s3 cp/sync, gsutil cp, google-cloud-storage upload_from_*, Azure upload_blob, a documentation-example exclusion, and a benign client-creation negative. make format and make lint pass; uv run pytest -m "not integration and not provider" reports 997 passed, 0 failed.

Closes #217

[rng1995]

Approving — additive E5 (cloud-storage exfiltration) detection covering boto3/S3, AWS CLI, GCS CLI+SDK, and Azure CLI+SDK upload calls. The deliberately low confidence (0.55–0.65) and MEDIUM severity are the right call given legitimate backups, and is_code_example() filters docs. Tests confirm real upload calls fire while client creation alone (list_buckets) and doc examples do not. pattern_defaults.py wiring (category/description/remediation/display) is consistent.

Non-blocking: pattern_defaults.py is also edited by #220 — minor rebase for whichever merges second.