0.9.post3

Updates:

• detect exfiltration-via-markdown attack
• detect if models will help generate malware
• accept newer OpenAI generators
• broader test coverage
• refactoring for probe readability
• use smaller versions of snowball + promptinject by default
• add mappings to AVID taxonomy
• add a "hit log" to record successful attacks
• add analysis script for rough HTML report generation
• bug fixes around longer inputs
• handle server-side OpenAI API failures nicely