v0.3.1 — Security patch - Fix json gem CVE-2026-33210 (format string injection) - Fix InSpec test regression: command result caching and CWD shell built-in - Kitchen test: 69/69 passing (debian-12) - CI pipeline: 17/17 jobs green (Ruby 3.2, 3.3, 3.4 + mutation + security + quality)