
Add OWASP cache key evidence fixtures#2117

Open
DENGXUELIN wants to merge 1 commit into UnitOneAI:main from DENGXUELIN:improve/owasp-cache-key-fixtures-1733

Conversation

@DENGXUELIN


/claim #1733

Summary

Adds fixture-backed web cache poisoning and cache-key evidence handling to owasp-top-10-web.

Changes include:

  • adds CACHE-KEY-01 through CACHE-KEY-08 for cache boundary inventory, cache key inputs, origin input inventory, unkeyed influence, cacheability evidence, user/tenant separation, normalization parity, and poison impact
  • extends A05 detection and mitigation guidance for CDN/reverse-proxy/framework/object cache key omissions
  • adds a supplemental cache-key evidence output table and the cacheability-vs-cache-key common pitfall
  • adds benign/vulnerable Express fixtures for correct Vary/cache-key handling versus path-only cache keys with X-Forwarded-Host influence on canonical and script URLs

Why

The existing #1734, #1735, and #1874 PRs add useful SKILL.md guidance, but they do not add local regression fixtures. This PR keeps the change focused and adds concrete benign and vulnerable examples so future reviews distinguish cacheability evidence from cache-key safety.

Validation

  • git diff --check origin/main...HEAD
  • Markdown fence-balance check for modified files
  • Marker check for CACHE-KEY-01 through CACHE-KEY-08, Web Cache Poisoning / Cache-Key Evidence Gate, Cache Key Inputs, Unkeyed Influence, X-Forwarded-Host, Cache-Control, PortSwigger Web Cache Poisoning, Treating cacheability headers as cache-key proof, and version: "1.0.2"
  • Express fixture marker check for Cache-Control, X-CDN-Cache-Key, Accept-Language, Vary, keyed host/query/locale policy, ignored X-Forwarded-Host, and req.originalUrl
  • Added-line ASCII scan
  • Added-line sensitive/public-contact pattern scan
  • git merge-tree --write-tree origin/main HEAD

Bounty

I have read and agree to the CONTRIBUTING.md bounty terms. Requested Improver Moderate tier if accepted.

