Suppress excavate JWT detection when badsecrets is enabled

[liquidsec]

addresses #2935

[github-actions]

📊 Performance Benchmark Report

Comparing 3.0 (baseline) vs duplicate-jwt-detection (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name	📏 Base	📏 Current	📈 Change	🎯 Status
Bloom Filter Dns Mutation Tracking Performance	4.24ms	4.30ms	+1.5% ⚪	✅
Bloom Filter Large Scale Dns Brute Force	17.47ms	17.41ms	-0.3% ⚪	✅
Large Closest Match Lookup	370.74ms	369.03ms	-0.5% ⚪	✅
Realistic Closest Match Workload	196.01ms	201.58ms	+2.8% ⚪	✅
Event Validation Full Scan Startup Small Batch	492.66ms	490.68ms	-0.4% ⚪	✅
Event Validation Full Scan Startup Large Batch	758.88ms	750.50ms	-1.1% ⚪	✅
Make Event Autodetection Small	31.19ms	31.00ms	-0.6% ⚪	✅
Make Event Autodetection Large	314.78ms	314.98ms	+0.1% ⚪	✅
Make Event Explicit Types	13.81ms	13.94ms	+0.9% ⚪	✅
Excavate Single Thread Small	4.094s	4.086s	-0.2% ⚪	✅
Excavate Single Thread Large	9.779s	9.895s	+1.2% ⚪	✅
Excavate Parallel Tasks Small	4.285s	4.257s	-0.6% ⚪	✅
Excavate Parallel Tasks Large	7.355s	7.331s	-0.3% ⚪	✅
Is Ip Performance	3.17ms	3.11ms	-1.8% ⚪	✅
Make Ip Type Performance	11.34ms	11.26ms	-0.7% ⚪	✅
Mixed Ip Operations	4.47ms	4.44ms	-0.6% ⚪	✅
Typical Queue Shuffle	61.51µs	60.89µs	-1.0% ⚪	✅
Priority Queue Shuffle	711.03µs	683.82µs	-3.8% ⚪	✅

🎯 Performance Summary

✅ No significant performance changes detected (all changes <10%)

---

🐍 Python Version 3.11.14

[TheTechromancer]

Good overall goal but instead of putting badsecrets-specific logic in excavate maybe we should avoid emitting JWTs from badsecrets, since excavate is always enabled by default.