v0.3.1: eliminate RCE via *read-eval* nil (Parser RCE Elimination)
Some checks failed
Deploy (Gitea) / deploy (push) Failing after 3s
Wrap read-from-string/read with (let ((*read-eval* nil)) ...) at three untrusted-input code paths:

1. think() in core-loop-reason — LLM output parsing. LLM output is untrusted by definition; #.(shell ...) in a response must not execute.
2. action-system-execute in core-loop-act — :system :eval path processes untrusted payload code from the signal pipeline.
3. load-memory-from-disk in core-memory — memory.snap file could be corrupted or planted in ~/, must not execute #. reader macros.

Adds test-read-eval-rce-blocked to pipeline-reason-suite: mocks a backend returning malicious output containing #.(setf ...), verifies no side effects occur and safe fallback is returned.

RED proof recorded: *read-eval* T + #.(setf ...) → :PWNED (RCE active)
GREEN proof: *read-eval* NIL → reader-error caught (RCE blocked)

Test: reason 12/0, full suite 88/0
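The read-time behaviour the commit message describes, as an added example that is not code from this repository: it reads a constructed hostile string with and without *read-eval* bound to NIL, then shows what the binding does not cover. SAFE-READ-FORM, *CANARY* and the sample strings are hypothetical names and constructed inputs.

```lisp
;;; Added example; not the project's code. All names here are hypothetical.

(defvar *canary* :clean
  "Changed only if a form from the sample input actually gets evaluated.")

(defun safe-read-form (text &optional (fallback :unparseable))
  "Read one form from TEXT with read-time evaluation disabled.
Returns FALLBACK instead of signalling when the reader rejects TEXT."
  (handler-case
      (let ((*read-eval* nil))
        ;; VALUES drops the second return value (the end position).
        (values (read-from-string text)))
    ;; With *READ-EVAL* NIL, #. signals READER-ERROR; truncated input
    ;; signals END-OF-FILE. Both are mapped to the fallback value.
    ((or reader-error end-of-file) () fallback)))

;; Constructed input carrying a #. reader macro.
(defparameter *hostile* "(:reply #.(setf *canary* :pwned))")

;; Before the fix: the default reader runs the #. form while parsing.
(let ((*read-eval* t))
  (read-from-string *hostile*))
(format t "default reader   -> canary ~s~%" *canary*)

;; After the fix: the same input is rejected and nothing runs.
(setf *canary* :clean)
(format t "safe-read-form   -> ~s, canary ~s~%"
        (safe-read-form *hostile*) *canary*)

;; The limit of the fix: a form without #. reads cleanly, and it still
;; runs if the caller passes the result to EVAL.
(let ((form (safe-read-form "(setf *canary* :set-by-eval)")))
  (format t "read only        -> ~s, canary ~s~%" form *canary*)
  (eval form)
  (format t "after eval       -> canary ~s~%" *canary*))
```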
@@ -59,7 +59,7 @@
|
||||
(cmd (getf payload :action)))
|
||||
(case cmd
|
||||
(:eval
|
||||
(eval (read-from-string (getf payload :code))))
|
||||
(eval (let ((*read-eval* nil)) (read-from-string (getf payload :code)))))
|
||||
(:message
|
||||
(log-message "ACT [System]: ~a" (getf payload :text)))
|
||||
(t
|
||||
|
||||
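Review bot: In the (:eval branch, the changed line still passes the form to eval, so binding *read-eval* to nil only stops #. from running at read time; any ordinary form in (getf payload :code) is evaluated exactly as before. The commit message describes this payload as untrusted, so this branch needs a check on which sources may send :eval, or a restricted set of permitted operators, before the call to eval. Also, no handler is visible around read-from-string in this hunk, so a payload containing #. will now signal a reader-error out of the case form; consider catching it here and reporting it through log-message, as the :message branch does.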