fix: add guess to help, document 8ball --debug, fix pip-audit CVE false positive

- !help Games section now includes !guess
- !8ball description mentions --debug flag
- pip-audit now scans only requirements.txt instead of --local (which
  was flagging CVE-2026-3219 in pip itself, not our dependencies)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

matrixbot/commands.py

@@ -114,7 +114,7 @@ def check_cooldown(sender: str, cmd_name: str, seconds: int = COOLDOWN_SECONDS)
 async def cmd_help(client: AsyncClient, room_id: str, sender: str, args: str):
     categories = [
         ("🤖 AI / Fun", ["ask", "fortune", "8ball", "roast", "story", "debate"]),
-        ("🎮 Games", ["wordle", "trivia", "rps", "poll", "hangman", "scramble", "wyr", "riddle"]),
+        ("🎮 Games", ["wordle", "trivia", "rps", "poll", "hangman", "guess", "scramble", "wyr", "riddle"]),
         ("🎲 Random", ["flip", "roll", "random", "champion", "agent"]),
         ("🖥️ Server", ["minecraft", "ping", "health"]),
     ]
@@ -222,7 +222,7 @@ def _implies_jared_wynter_romance(text):
     ]
     return any(phrase in lower for phrase in romantic_words)
 
-@command("8ball", "Ask the magic 8-ball a question")
+@command("8ball", "Ask the magic 8-ball a question — append --debug to see the prompt used")
 async def cmd_8ball(client: AsyncClient, room_id: str, sender: str, args: str):
     if not args:
         await send_text(client, room_id, f"Usage: {BOT_PREFIX}8ball <question>")