chore: update inline imports to just look for process spawning, file writes, and environment modification to reduce fps

[art1f1c3R]

Summary

In many recent runs of Macaron, it is increasingly common for benign packages to use inline imports of the os, sys, and builtins modules to perform actions such as reading the README.md file in setup.py, and perform other benign actions. To avoid detecting these, this revised rule now only checks for instances of inline importing these modules that spawn processes, write to files, or make modifications to the environment.

Description of changes

The obfuscation_inline-imports rule now only checks for process spawning and file writes for builtins, process execution and setting the recursion limit for sys, and process spawning, file writes, and environment modification for os. These operations may appear to be malicious when used with inline imports to obfuscate their use. Test files and expected results have been updated accordingly.

Checklist

• I have reviewed the contribution guide.
• My PR title and commits follow the Conventional Commits convention.
• My commits include the "Signed-off-by" line.
• I have signed my commits following the instructions provided by GitHub. Note that we run GitHub's commit verification tool to check the commit signatures. A green verified label should appear next to all of your commits on GitHub.
• I have updated the relevant documentation, if applicable.
• I have tested my changes and verified they work as expected.