docs + security: blog posts, Cursor guide, benchmark clarification, nosemgrep fixes

[rajkumarsakthivel]

Summary

Blog posts:

• CCE + Cursor setup guide (new)
• All 5 blog posts added to landing page

README:

• Website + Guide links in header
• Benchmark baseline clarified: full-file reads, not vs Claude Code behavior (benchmark seems incorrect #57)

Security:

• Switched from noqa: S608 to nosemgrep: sqlalchemy-execute-raw-query across 5 files (Copilot review feedback on semgrep suppression)

SEO:

• Sitemap updated (7 pages)

[Copilot]

Pull request overview

This PR aims to suppress external SQL-injection findings (reported as false positives) by annotating dynamic SQL usages with # noqa: S608 and adding brief “safe because …” explanations, without changing any SQL behavior.

Changes:

• Added # noqa: S608 suppressions to several SQLite .execute(...) calls that use f-strings.
• Added safety-explanation comments describing why interpolated parts are non-user-controlled / parameterized.
• Applied these annotations across vector/graph/FTS stores, embedding cache cleanup, and memory DB helpers.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
src/context_engine/storage/vector_store.py	Adds S608 suppressions/comments around dynamic SQL for vec table creation and batched deletes.
src/context_engine/storage/graph_store.py	Adds S608 suppressions/comments around batched selects/deletes using IN (...) placeholder lists.
src/context_engine/storage/fts_store.py	Adds S608 suppression/comment for batched delete by file paths.
src/context_engine/memory/db.py	Adds S608 suppressions/comments for dynamic table/column SQL in vec writes and retention pruning.
src/context_engine/indexer/embedding_cache.py	Adds S608 suppression/comment for batched delete of orphaned cache rows.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.