Breaking Change: Signed templates required for JavaScript protocol

Starting with v3.11.0, custom templates that use the javascript:
protocol must be digitally signed before Nuclei will load or execute
them. Unsigned JavaScript templates are now skipped during template
loading and when referenced from workflows.

Why this change

This release continues the security hardening started in v3.10.0
(sandbox enforcement, network policy checks, stricter code-template
handling, YAML include protections, and related fixes in #7469). The
JavaScript protocol exposes Go-backed modules through Nuclei's JS
runtime, which significantly increases attack surface compared with
request-only templates. Requiring signatures brings JavaScript templates
in line with the existing protections for code-protocol templates.
