
Improve prompt injection multimodal and gateway evidence gates #1549

Open

bnpl7 wants to merge 1 commit into UnitOneAI:main from bnpl7:improve/prompt-injection-multimodal-and-gateways

Improve prompt injection multimodal and gateway evidence gates#1549
bnpl7 wants to merge 1 commit into
UnitOneAI:mainfrom
bnpl7:improve/prompt-injection-multimodal-and-gateways

Conversation


@bnpl7 bnpl7 commented Jun 6, 2026

Summary

  • Adds coverage for Cross-Site Prompt Injection (XSPI) and multi-agent cascading context flows in Section 3 (Identify Indirect Injection Vectors).
  • Adds a new "### 4.6 Multimodal Injection" section in Section 4 (Test Categories) covering injections embedded in non-text media (e.g., images, audio, video).
  • Adds a new "### 5.8 LLM Gateway / AI Firewall" section in Section 5 (Defense Evaluation) covering independent gateway proxy layers (e.g., NeMo Guardrails, Lakera Guard, Llama Guard).
  • Expands Section 6 (Output Format) report template to include Multimodal Injection in the Finding categories.
  • Adds "Pitfall 6: Neglecting multimodal injection vectors in visual or audio files" to the Common Pitfalls section.
  • Appends security reference URLs for NVIDIA NeMo Guardrails and Meta Llama Guard.

Bounty Info

Addresses #1437.

I have read and agree to the CONTRIBUTING.md bounty terms. Preferred payment method: PayPal, to be provided privately after acceptance.
