New rule: block sudo / su privilege escalation

[sarahxsanders]

Context

From Vincent's review on PR #12 — AI agents should generally never need root access. Currently we only flag sudo when combined with a dangerous deletion.

What to catch

• sudo <any command>
• su / su - / su root
• doas (OpenBSD sudo alternative)

Considerations

• Some sudo uses might be legitimate in deployment contexts (e.g., sudo systemctl restart nginx).
• Need to decide severity: warn (flag it, let consumers decide) vs block (hard stop).
• Could allow-list common safe patterns or use a two-tier approach (warn by default, block for destructive commands).

Origin

PR #12 review comment by @gewenyu99