Replace Math.random() with crypto.randomBytes() to fix CodeQL High severity
finding for insecure randomness in security context.
- Add secureRandomInt() helper using rejection sampling to avoid modulo bias
- Add shuffleArraySecure() using Fisher-Yates with secure random source
- Update generatePassword() to use secure helpers for all random operations
e4e66e328f