#373 CRITICAL: Replace unsafe eval() with safe expression parser
Description
variable_resolver.py:177-186 uses eval() with an empty __builtins__ for condition evaluation. This is insufficient to prevent code injection: a malicious workflow definition could execute arbitrary code. Fix: implement a safe expression parser using the ast module or the simpleeval library.
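An added example of the ast-based approach the fix proposes (example code, not the project's own): the condition is parsed with ast.parse, and only literals, names looked up in a supplied dict, and boolean/comparison/arithmetic operators are evaluated; every other node type (calls, attribute access, subscripts, lambdas) is rejected before anything runs. The function name, the exception class and the sample conditions are assumptions.

```python
import ast
import operator

# Assumed replacement for the eval() call in variable_resolver.py (example
# code, not the project's own): evaluate a workflow condition by walking its
# AST and refusing every node type outside a small whitelist.

_BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul}
_CMP_OPS = {
    ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt,
    ast.LtE: operator.le, ast.Gt: operator.gt, ast.GtE: operator.ge,
    ast.In: lambda a, b: a in b, ast.NotIn: lambda a, b: a not in b,
}
_UNARY_OPS = {ast.Not: operator.not_, ast.USub: operator.neg}


class UnsafeExpression(ValueError):
    """Raised for any syntax outside the whitelist: calls, attribute access,
    subscripts, lambdas, comprehensions, unknown names."""

def safe_eval(expr: str, variables: dict):
    """Evaluate e.g. 'retries < 3 and status == "ok"' against `variables`."""
    tree = ast.parse(expr, mode="eval")  # SyntaxError for malformed input
    def ev(node):
        if isinstance(node, ast.Constant):
            return node.value
        if isinstance(node, ast.Name):  # names resolve only via the dict
            if node.id not in variables:
                raise UnsafeExpression(f"unknown variable {node.id!r}")
            return variables[node.id]
        if isinstance(node, ast.BoolOp):
            vals = [ev(v) for v in node.values]
            return all(vals) if isinstance(node.op, ast.And) else any(vals)
        if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
            return _UNARY_OPS[type(node.op)](ev(node.operand))
        if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
            return _BIN_OPS[type(node.op)](ev(node.left), ev(node.right))
        if isinstance(node, ast.Compare):
            left, ok = ev(node.left), True
            for op, comp in zip(node.ops, node.comparators):
                if type(op) not in _CMP_OPS:
                    raise UnsafeExpression(f"disallowed comparison {type(op).__name__}")
                right = ev(comp)
                ok = ok and _CMP_OPS[type(op)](left, right)
                left = right
            return ok
        # ast.Call, ast.Attribute, ast.Subscript, ast.Lambda, ... all land here
        raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")

    return ev(tree.body)
```

Because the whitelist is on node types rather than on names, there is no builtins namespace to strip or re-enter; anything that is not a plain condition fails closed with UnsafeExpression.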