
Feat/flag CWE owasp identifiers #194

Merged
kOaDT merged 6 commits into main from feat/flag-cwe-owasp-identifiers
Apr 28, 2026

Conversation

Owner

@kOaDT kOaDT commented Apr 28, 2026

Description

This PR bundles three improvements:

  1. CWE & OWASP identifiers on flags — adds optional cwe and owasp fields to the Flag model and seed data (populated for all 31 existing challenges). They are surfaced as colored badges on the flags grid/list, the vulnerability detail page, and the player dashboard, and are searchable from the flags filter input. Also fixes a pre-existing gap where INSECURE_DESIGN was missing from the FlagCategory TypeScript union and from CATEGORY_LABELS, even though it was already used in prisma/seed.ts.
  2. Docs: Insecure Randomness in EDUCATORS.md — the gift-card insecure-randomness challenge was not listed in the educators curriculum (challenge table, A02 row, 5-day bootcamp Day 4, semester week 6, junior pentester total). Added it everywhere and bumped the total counts (30 → 32 challenges, 31–45h → 32–46h).
  3. Footer: dev.to social link — adds a link to the project's dev.to profile next to the GitHub icon, and bumps both icons from h-5 w-5 to h-6 w-6 for consistent sizing.

AGENTS.md and CONTRIBUTING.md are updated to document the new optional cve / cwe / owasp fields.

Type of change

  • Bug fix
  • New feature (e-commerce site improvement)
  • New vulnerability / flag
  • Walkthrough / writeup
  • Documentation update
  • Other (please describe):

Testing done

  • Ran the seed locally and verified cwe / owasp columns are populated on Flag rows.
  • Verified the badges render on /flags (grid + list views), /vulnerabilities/[slug], and the player dashboard table for found flags.
  • Verified the search input on /flags matches against cwe and owasp values (e.g. CWE-89, A03:2021).
  • Visually checked the footer in light/dark mode, both icons aligned, dev.to link opens in a new tab with noopener noreferrer.
  • Re-read EDUCATORS.md tables to confirm numbering is contiguous and totals match.

Checklist

  • Documentation updated (if applicable)

If adding a new vulnerability

N/A — no new vulnerability is introduced; this PR only annotates existing flags with CWE/OWASP metadata, fixes a missing category in the type system, patches the educators doc, and adds a footer link.

@kOaDT kOaDT self-assigned this Apr 28, 2026
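
As an added illustration (not code from this PR or from the project): a seed-time check that the optional cwe and owasp values are well-formed, together with a search predicate of the kind the description says the /flags filter performs. The Flag shape beyond cwe and owasp, the regular expressions, the function names and the sample rows are all assumptions.

```typescript
// Hypothetical shape: only the optional `cwe` and `owasp` fields come from the PR description.
interface Flag {
  slug: string;
  cwe?: string; // e.g. "CWE-89"
  owasp?: string; // e.g. "A03:2021"
}

// Assumed formats: "CWE-<positive integer>" and "A01".."A10" followed by ":<year>".
const CWE_RE = /^CWE-[1-9]\d*$/;
const OWASP_RE = /^A(0[1-9]|10):\d{4}$/;

// Returns one message per malformed identifier so a seed script or CI step can fail loudly.
function validateIdentifiers(flags: Flag[]): string[] {
  const problems: string[] = [];
  for (const f of flags) {
    if (f.cwe !== undefined && !CWE_RE.test(f.cwe)) {
      problems.push(`${f.slug}: bad cwe "${f.cwe}"`);
    }
    if (f.owasp !== undefined && !OWASP_RE.test(f.owasp)) {
      problems.push(`${f.slug}: bad owasp "${f.owasp}"`);
    }
  }
  return problems;
}

// Case-insensitive substring match over the identifier fields.
// A flag without identifiers only matches the empty query.
function matchesIdentifier(flag: Flag, query: string): boolean {
  const q = query.trim().toLowerCase();
  if (q === "") return true;
  return [flag.cwe, flag.owasp].some(
    (v) => v !== undefined && v.toLowerCase().includes(q),
  );
}

// Constructed sample rows, not the project's seed data.
const sampleFlags: Flag[] = [
  { slug: "sample-sqli", cwe: "CWE-89", owasp: "A03:2021" },
  { slug: "sample-typo", cwe: "CWE89", owasp: "A3:2021" }, // both malformed on purpose
  { slug: "sample-unannotated" }, // optional fields omitted
];
```

A malformed value such as "CWE89" still renders as a badge but is missed by a search for "CWE-89", which is why the format check belongs next to the seed rather than in the UI.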
@github-actions

Thank you @kOaDT for contributing once again!

📊 PR overview

Files changed | Additions | Deletions | Size
12 | +171 | -33 | L

📝 Before review

To help maintainers review your changes efficiently, please ensure that:

  • The PR description clearly explains what was changed and why
  • The PR checklist has been filled out
  • All existing tests continue to pass
  • New tests have been added for any new functionality

📖 Please review our Contributing Guidelines and Code of Conduct.

✅ Continuous Integration

Two CI workflows will run automatically on this PR:

  • Code Quality — linting and formatting checks
  • Exploitation Tests — ensures vulnerabilities and flags work as expected

You can follow their progress in the Checks tab.

🤝 A note on collaboration

We value respectful and constructive interactions. Whether you are a contributor or a reviewer, please be patient, kind, and open to feedback.


A maintainer will review your changes as soon as possible. If you have any questions, feel free to ask in this thread.

kOaDT

@github-actions github-actions Bot added the size/L PR size: L label Apr 28, 2026
@kOaDT kOaDT merged commit 7c7bf13 into main Apr 28, 2026
6 checks passed
@kOaDT kOaDT deleted the feat/flag-cwe-owasp-identifiers branch April 28, 2026 21:58