
Harden resource limits for issue 4058 #4081

Merged: Widthdom merged 1 commit into main from fix-issue4058 on Jun 28, 2026

@Widthdom (Owner)

Summary

  • Added a pre-parse worker protocol JSON payload guard for the negotiated character/UTF-8 frame cap.
  • Clamped oversized worker protocol frame expansion to a named 384 MiB ceiling instead of int.MaxValue.
  • Added regression coverage for worker JSON over-limit handling, huge file-cap clamping, and pathological find --regex timeout handling.

Validation

  • dotnet test tests/CodeIndex.Tests/CodeIndex.Tests.csproj --filter "FullyQualifiedName~IndexCommandRunnerTests.WorkerProtocol|FullyQualifiedName~QueryCommandRunnerTests.RunFind_Regex|FullyQualifiedName~SymbolExtractionWorker_StartInfo_RaisesProtocolLimitForLargeFileCap|FullyQualifiedName~PostExtractionHookCallbackWorker_StartInfo_RaisesProtocolLimitForLargeFileCap"
  • dotnet run --project tools/CodeIndex.Changelog -- check
  • dotnet build
  • dotnet ./src/CodeIndex/bin/Debug/net8.0/cdidx.dll status --check --json

dotnet format CodeIndex.sln --verify-no-changes and the same command narrowed with --no-restore --include ... did not complete in this environment and were stopped after long no-output waits.

Documentation and changelog

  • Updated DEVELOPER_GUIDE.md in both English and Japanese sections.
  • Added changelog.d/unreleased/4058.security.md.

Review

  • Manual adversarial review of origin/main..HEAD: No blocking/actionable issues found.
  • codex exec review --base origin/main and codex exec --ignore-rules review --base origin/main were attempted, but both could not complete because internal shell executions repeatedly exited with 134/1.

Follow-up candidates

  • None.

Fixes #4058
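
Added example (not code from this pull request or the CodeIndex repository): one way to implement the two limits the summary describes, a frame cap clamped to a 384 MiB ceiling and a character/UTF-8 size check that runs before JSON parsing. The class and method names, the expansion factor and the envelope size are assumptions.

```csharp
using System;
using System.Text;
using System.Text.Json;

static class WorkerFrameLimits // hypothetical name
{
    // Named ceiling from the PR summary: 384 MiB rather than int.MaxValue.
    public const long MaxFrameCeilingBytes = 384L * 1024 * 1024;
    const long ExpansionFactor = 6;       // assumed worst-case JSON escaping growth
    const long EnvelopeBytes = 64 * 1024; // assumed per-frame envelope overhead

    // Derive the frame cap from the file cap in 64-bit arithmetic so a huge
    // file cap cannot overflow, then clamp to the named ceiling.
    public static int FrameCapFor(long fileCapBytes)
    {
        if (fileCapBytes < 0) throw new ArgumentOutOfRangeException(nameof(fileCapBytes));
        long expanded = fileCapBytes > (long.MaxValue - EnvelopeBytes) / ExpansionFactor
            ? long.MaxValue
            : fileCapBytes * ExpansionFactor + EnvelopeBytes;
        return (int)Math.Min(expanded, MaxFrameCeilingBytes);
    }

    // Reject an over-limit payload before the JSON parser sees it.
    public static JsonDocument ParseGuarded(string payload, int frameCap)
    {
        if (payload.Length > frameCap)
            throw new InvalidOperationException("worker frame exceeds character cap");
        // GetByteCount measures the encoded size without allocating the bytes.
        if (Encoding.UTF8.GetByteCount(payload) > frameCap)
            throw new InvalidOperationException("worker frame exceeds UTF-8 byte cap");
        return JsonDocument.Parse(payload);
    }
}

static class Program
{
    static void Main()
    {
        Console.WriteLine(WorkerFrameLimits.FrameCapFor(1024 * 1024));   // ordinary file cap
        Console.WriteLine(WorkerFrameLimits.FrameCapFor(long.MaxValue)); // clamped to ceiling
        // Constructed input: 602 chars pass a 1000-char cap, but 'é' is 2 bytes in UTF-8.
        string multibyte = "\"" + new string('é', 600) + "\"";
        try { WorkerFrameLimits.ParseGuarded(multibyte, 1000); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
        using var ok = WorkerFrameLimits.ParseGuarded("{\"id\":1}", 1000);
        Console.WriteLine(ok.RootElement.GetProperty("id").GetInt32());
    }
}
```

The multibyte case shows why a character-count check alone is not enough when the cap is also enforced in UTF-8 bytes.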

@Widthdom Widthdom marked this pull request as ready for review June 28, 2026 02:58
@Widthdom Widthdom merged commit cda2f3c into main Jun 28, 2026
10 checks passed
@Widthdom Widthdom deleted the fix-issue4058 branch June 28, 2026 02:58

Development

Successfully merging this pull request may close these issues.

Audit large input limits for worker JSON validation, user regex search, and sentinel bounds
