#682 SEC-02: Pickle deserialization RCE vulnerability

closed critical Created 2025-12-25 02:55 · Updated 2025-12-25 02:58

Description

Location: engine/rag/assistant.py:116. Issue: pickle.loads() is called on a blob read from the database. Unpickling executes code chosen by whoever produced the blob (an object with a crafted __reduce__ is enough), so anyone who can write that column, whether through SQL injection, leaked DB credentials, or a tampered backup or replica, gets remote code execution in the assistant process. The database is a data store, not a trusted code source, and must not be treated as one. Fix: Stop deserializing executable content from the DB. Store the cached value as JSON with an HMAC-SHA256 tag computed under a key the DB does not hold, verify the tag with hmac.compare_digest() before parsing, and reject rows that fail verification. For numpy arrays, persist them with numpy.save and read them back with numpy.load(..., allow_pickle=False), or keep them as plain lists inside the signed JSON.
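The following is an added illustration, not code from engine/rag/assistant.py. It shows the vulnerable pattern next to the proposed replacement: a pickle payload whose __reduce__ runs a callable on load (here a harmless recorder standing in for os.system), and a JSON+HMAC-SHA256 encoder/decoder that verifies the tag with a constant-time compare before parsing. The function names, the in-memory "database" dict and the cached-row contents are hypothetical.

```python
"""Added example: pickle.loads() on DB rows versus JSON + HMAC-SHA256."""
import base64
import hashlib
import hmac
import json
import pickle
from typing import Any

# Records what the payload executed; stands in for os.system / subprocess.
EXECUTED: list[str] = []


def _attacker_callback(arg: str) -> str:
    EXECUTED.append(arg)
    return arg


class Payload:
    """Anything an attacker can write into the DB column.

    pickle calls the callable returned by __reduce__ on load. A real payload
    would return (os.system, ("...",)) instead of this recorder.
    """

    def __reduce__(self):
        return (_attacker_callback, ("pwned",))


def vulnerable_load(blob: bytes) -> Any:
    """The pattern flagged in the issue: code in the blob runs here."""
    return pickle.loads(blob)


# --- Replacement: JSON body + HMAC-SHA256 tag, verified before parsing ------

def sign(obj: Any, key: bytes) -> bytes:
    """Serialize as canonical JSON and prepend a base64 HMAC tag.

    JSON parsing never executes code, so an attacker who forges a row can at
    most hand us unexpected data, and the MAC (key held by the app, not the DB)
    lets us reject even that.
    """
    body = json.dumps(obj, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return base64.b64encode(tag) + b"." + body


def verify_and_load(blob: bytes, key: bytes) -> Any:
    """Reject anything that is not a correctly tagged JSON body."""
    try:
        tag_b64, body = blob.split(b".", 1)
        tag = base64.b64decode(tag_b64, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        raise ValueError("malformed cache row") from None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC mismatch: row modified or signed under another key")
    return json.loads(body)


def demo(key: bytes) -> dict:
    """Walk both paths against a constructed in-memory 'database'."""
    db = {"cache:q1": pickle.dumps(Payload())}  # attacker-written row

    vulnerable_load(db["cache:q1"])  # executes _attacker_callback("pwned")
    executed_via_pickle = list(EXECUTED)

    # Hardened path: the same attacker row is rejected without running anything.
    try:
        verify_and_load(db["cache:q1"], key)
        rejected_raw_pickle = False
    except ValueError:
        rejected_raw_pickle = True

    # Legitimate write by the application, then a tampered copy of it.
    db["cache:q1"] = sign({"query": "q1", "embedding": [0.1, 0.2]}, key)
    good = verify_and_load(db["cache:q1"], key)
    tampered = db["cache:q1"].replace(b'"q1"', b'"q2"')
    try:
        verify_and_load(tampered, key)
        rejected_tampered = False
    except ValueError:
        rejected_tampered = True

    return {
        "executed_via_pickle": executed_via_pickle,
        "rejected_raw_pickle": rejected_raw_pickle,
        "good": good,
        "rejected_tampered": rejected_tampered,
    }


if __name__ == "__main__":
    print(demo(b"\x00" * 32))  # use a real random key (os.urandom(32)) in practice
```

The key must live with the application (secrets manager, environment), never in the same database as the rows it protects; otherwise the attacker who can write rows can also re-sign them.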
