fix: bound JS CBOR parsing depth #45

Open

leanthebean wants to merge 1 commit into base: main from leanthebean:security/bound-js-cbor-depth

Conversation

@leanthebean

Contributor

Summary

Fixes CAT finding 5cc62713-40c6-44c6-9d65-8da6226c7a47.

tools/p384_hints.js includes a recursive reference CBOR parser used by the CLI and FFI hint-generation tooling. A deeply nested CBOR array/map structure could previously recurse until V8 threw RangeError: Maximum call stack size exceeded.

This change:

  • adds a MAX_CBOR_NESTING_DEPTH guard to readCborItem;
  • increments the depth counter for array and map children;
  • returns a normal Error("CBOR nesting depth exceeded") before the JS stack can overflow;
  • adds a no-dependency Node test that constructs the malicious COSE shape and asserts the bounded parser error is raised instead of RangeError;
  • wires that test into the existing off-chain tooling CI smoke step.

Self Review

Reviewed the final diff before opening this PR. The change is scoped to non-production reference tooling, preserves existing fixture generation and FFI parity, and only changes malformed deeply nested CBOR behavior from stack exhaustion to a catchable parser error.

Tests

  • node --test tools/p384_hints.test.js
  • node --check tools/p384_hints.js
  • node --check tools/hinted_attestation_calls.js
  • node --check tools/nitro_attestation_input.js
  • node tools/nitro_attestation_input.js fixture
  • node tools/hinted_attestation_calls.js fixture
  • NITRO_RUN_FFI=true forge test --ffi -vvv --match-test test_OffchainWitness
  • forge test
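The pattern the PR describes (a recursive CBOR item reader that carries a depth counter, increments it for array and map children, and throws a plain Error once a limit is passed) as an added, stand-alone example. This is not the project's tools/p384_hints.js or its test; it is a minimal RFC 8949 decoder written for this note. The names readCborItem and MAX_CBOR_NESTING_DEPTH mirror the PR description, but the value 64, the helper names (readArgument, decodeCbor, tryDecode, nestedArrays) and the sample COSE_Sign1-shaped bytes are this example's own assumptions and constructed inputs. One deliberate design choice beyond the PR text: tag content is also counted toward the depth, since a tag wraps a nested item just as an array element does.

```javascript
// Added example, not the project's code: bounded-depth recursive CBOR decoder
// (RFC 8949 subset, definite lengths only) plus the nested payload that would
// otherwise exhaust the V8 stack. MAX_CBOR_NESTING_DEPTH = 64 is an assumed limit.
const MAX_CBOR_NESTING_DEPTH = 64;

// Check for truncation before every fixed-width read so malformed input yields
// a parser Error rather than Node's own RangeError from Buffer accessors.
function need(buf, offset, n) {
  if (offset + n > buf.length) throw new Error("CBOR truncated");
}

// Decode the argument (length or value) that follows the initial byte.
function readArgument(buf, offset, info) {
  if (info < 24) return { arg: info, offset };
  if (info === 24) { need(buf, offset, 1); return { arg: buf[offset], offset: offset + 1 }; }
  if (info === 25) { need(buf, offset, 2); return { arg: buf.readUInt16BE(offset), offset: offset + 2 }; }
  if (info === 26) { need(buf, offset, 4); return { arg: buf.readUInt32BE(offset), offset: offset + 4 }; }
  if (info === 27) { need(buf, offset, 8); return { arg: Number(buf.readBigUInt64BE(offset)), offset: offset + 8 }; }
  throw new Error(`unsupported additional info ${info}`); // 28-30 reserved, 31 indefinite
}

// Recursive item reader. `depth` is 0 for the top-level item and grows by one for
// every array element, map key/value and tag content, so hostile input can use at
// most maxDepth + 1 frames before a catchable Error is thrown.
function readCborItem(buf, offset, depth, maxDepth) {
  if (depth > maxDepth) throw new Error("CBOR nesting depth exceeded");
  need(buf, offset, 1);
  const initial = buf[offset];
  const major = initial >> 5;
  const info = initial & 0x1f;
  let arg;
  ({ arg, offset } = readArgument(buf, offset + 1, info));
  switch (major) {
    case 0: return { value: arg, offset };                 // unsigned int
    case 1: return { value: -1 - arg, offset };            // negative int
    case 2: need(buf, offset, arg);                        // byte string
      return { value: buf.subarray(offset, offset + arg), offset: offset + arg };
    case 3: need(buf, offset, arg);                        // text string
      return { value: buf.toString("utf8", offset, offset + arg), offset: offset + arg };
    case 4: {                                              // array
      const items = [];
      for (let i = 0; i < arg; i++) {
        const r = readCborItem(buf, offset, depth + 1, maxDepth);
        items.push(r.value); offset = r.offset;
      }
      return { value: items, offset };
    }
    case 5: {                                              // map
      const map = new Map();
      for (let i = 0; i < arg; i++) {
        const k = readCborItem(buf, offset, depth + 1, maxDepth);
        const v = readCborItem(buf, k.offset, depth + 1, maxDepth);
        map.set(k.value, v.value); offset = v.offset;
      }
      return { value: map, offset };
    }
    case 6: {                                              // tag wrapping one item
      const inner = readCborItem(buf, offset, depth + 1, maxDepth);
      return { value: { tag: arg, value: inner.value }, offset: inner.offset };
    }
    default:                                               // major 7: simple values only
      if (info === 20) return { value: false, offset };
      if (info === 21) return { value: true, offset };
      if (info === 22) return { value: null, offset };
      throw new Error(`unsupported simple/float item ${info}`);
  }
}

function decodeCbor(buf, maxDepth = MAX_CBOR_NESTING_DEPTH) {
  const { value, offset } = readCborItem(buf, 0, 0, maxDepth);
  if (offset !== buf.length) throw new Error("CBOR trailing bytes");
  return value;
}

// Classify the outcome instead of throwing, so the failure mode is observable:
// a bounded parser reports error "Error"; an unbounded one reports "RangeError".
function tryDecode(buf, maxDepth = MAX_CBOR_NESTING_DEPTH) {
  try {
    return { ok: true, value: decodeCbor(buf, maxDepth) };
  } catch (e) {
    return { ok: false, error: e.constructor.name, message: e.message };
  }
}

// Constructed hostile input: n one-element arrays (0x81) closed by an empty array
// (0x80). Passing Infinity as maxDepth reproduces the pre-fix stack exhaustion.
function nestedArrays(n) {
  return Buffer.concat([Buffer.alloc(n, 0x81), Buffer.from([0x80])]);
}

// Constructed well-formed COSE_Sign1-shaped item: tag 18 around
// [protected bstr {1: -7}, unprotected {}, payload bstr, signature bstr].
const COSE_SIGN1_SAMPLE = Buffer.from("d28443a10126a044deadbeef420102", "hex");

console.log(tryDecode(COSE_SIGN1_SAMPLE));
console.log(tryDecode(nestedArrays(1_000_000)));           // bounded: plain Error
console.log(tryDecode(nestedArrays(1_000_000), Infinity)); // unbounded: RangeError
```

The bound only helps if MAX_CBOR_NESTING_DEPTH frames fit comfortably in the default stack; a limit in the tens is ample for COSE and attestation documents, whose legitimate nesting is a handful of levels. Bounding depth does not bound width, so a caller that also needs protection against oversized arrays or strings should additionally check `arg` against the remaining input length before iterating.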
