Seed sinks for remaining niche languages

[andrew]

36 language defs have no sinks. The 17 that do cover the ecosystems where projects actually appear, but for completeness these could be filled in over time. Most have small surfaces (eval/exec equivalents and file ops).

Rough priority based on how often projects appear in the wild:

• groovy — JVM, GroovyShell.evaluate, Eval.me, execute on String
• r — system, system2, eval(parse()), source with caller path
• julia — eval, run, include with caller path, Serialization.deserialize
• haskell — System.Process.callCommand, unsafePerformIO
• ocaml — Sys.command, Unix.execvp, Marshal.from_channel
• nim — gorge/staticExec (compile-time), execShellCmd
• crystal — system, Process.new, eval doesn't exist but macros do
• fsharp — .NET so inherits C# surface, Process.Start etc
• d — std.process.execute, core.stdc.stdlib.system
• erlang — overlaps with Elixir's :erlang sinks, os:cmd, file:read_file
• clojure — JVM, eval, sh/sh from clojure.java.shell, read-string (not safe reader)
• gleam, roc, zig, v, odin, scheme, racket, tcl, prolog, common-lisp, ada, cobol, fortran, verilog, vhdl, emacs-lisp, gdscript, haxe, mojo — very long tail, do as needed

Not blocking anything. The threat-model command works fine without these since it fires on taxonomy tags, not sinks. These would only improve brief sinks output for projects in those languages.