feat(canary): mysql_dump generator with phone-home replica payload

Mirrors the Canarytokens.org trick: a base64-wrapped CHANGE REPLICATION
SOURCE TO + START REPLICA block in the dump trailer. Importing the
file into MySQL resolves <slug>.<dns_zone> (DNS trip) and opens a 3306
replica handshake whose SOURCE_USER smuggles @@hostname and
@@lc_time_names of the victim DB.

DNS lookup alone is sufficient for detection via the existing canary
dns_server; capturing the smuggled metadata via a 3306 handshake
responder is a follow-up.

tests/canary/test_factory.py

@@ -60,7 +60,7 @@ def test_known_lists_are_stable() -> None:
     # surfaces it. Keeps the schema-of-record in one place.
     assert KNOWN_GENERATORS == (
         "git_config", "env_file", "ssh_key", "aws_creds",
-        "honeydoc", "honeydoc_docx", "honeydoc_pdf",
+        "honeydoc", "honeydoc_docx", "honeydoc_pdf", "mysql_dump",
     )
     assert KNOWN_INSTRUMENTERS == (
         "docx", "xlsx", "pdf", "html", "image", "plain", "passthrough",