Fix 10 HIGH integer comparisons in security modules (malware-scanner, optimize-ct-limit, live-attack-monitor)

FIXES:
malware-scanner.sh:
- Line 433: $skip → ${skip:-0}
- Line 938: $flagged_ips → ${flagged_ips:-0}

optimize-ct-limit.sh:
- Line 811: $AUTO_MODE → ${AUTO_MODE:-0}
- Line 845: $AUTO_MODE → ${AUTO_MODE:-0}
- Line 879: $AUTO_MODE → ${AUTO_MODE:-0}

live-attack-monitor.sh:
- Line 232: $hits → ${hits:-0}
- Line 253: $new_score → ${new_score:-0}
- Line 260: $new_score → ${new_score:-0}
- Line 269: $new_score → ${new_score:-0}
- Line 319: $hits → ${hits:-0}

IMPACT:
- Prevents "integer expression expected" errors
- Safe defaults for all integer comparisons
- More robust error handling

QA STATUS:
- 10 more HIGH issues remain in live-attack-monitor.sh
- Will address in next commit

modules/security/malware-scanner.sh

@@ -430,7 +430,7 @@ sanitize_docroots() {
             fi
         done
 
-        if [ $skip -eq 0 ]; then
+        if [ "${skip:-0}" -eq 0 ]; then
             sanitized_docroot+=("$docroot")
         fi
     done
@@ -935,7 +935,7 @@ done
             fi
         done < <(sort -u "$INFECTED_LIST" | head -20)  # Limit to first 20 files to avoid long processing
 
-        if [ $flagged_ips -gt 0 ]; then
+        if [ "${flagged_ips:-0}" -gt 0 ]; then
             echo "✓ Flagged $flagged_ips IPs in reputation database"
             echo "  (See $LOG_DIR/flagged_ips.log for details)"
         else