add Hypothesis property-based MIME detection tests

- test_magic_prefix_detection: verify all signatures with random suffix
- test_random_binary_never_crashes: random data never crashes
- test_partial_magic_no_false_match: truncated magic handled safely
- test_magic_not_at_start_ignored: only detect magic at offset 0

documentation/security-testing-status.md

@@ -155,11 +155,17 @@ Not tested (no signature defined):
 ```
 [ ] Add --target option to run_fuzz.py for external testing
 [ ] Implement adaptive rate limiting in production fuzzer
-[ ] Add hypothesis property-based tests for MIME detection
+[x] Add hypothesis property-based tests for MIME detection
 [ ] Create polyglot generator for automated MIME confusion testing
 [x] Add timing attack tests for authentication endpoints
 ```
 
+**Hypothesis MIME Tests (2025-12-26):**
+- `test_magic_prefix_detection`: All known signatures + random suffix detect correctly
+- `test_random_binary_never_crashes`: Random binary never crashes detector
+- `test_partial_magic_no_false_match`: Truncated magic bytes handled safely
+- `test_magic_not_at_start_ignored`: Magic at non-zero offset ignored
+
 ### Penetration Testing (from PENTEST_PLAN.md)
 
 ```