Description

Add allowlist rules for modern Plex client API endpoints to prevent false positives
with http-crawl-non_statics scenario.

Problem: Modern Plex clients (iOS, tvOS, Android, web) make rapid API calls when
users browse their libraries. These legitimate requests trigger crawl detection.

Evidence: Apple TV user (PlexTV/8.45) was banned after 43 requests in 16 seconds
while browsing their library. Investigation confirmed this was a legitimate user and
device with no suspicious activity - all requests were standard Plex API calls.

New endpoints covered:

• /hubs/* - Home screen content hubs
• /activities - Background activity monitoring
• /library/sections/* - Library section browsing
• /library/all - Browse all items matching criteria
• /library/search - Search functionality
• /playlists/* - Playlist management
• /media/providers - Media provider configuration

Reference: https://github.com/Arcanemagus/plex-api/wiki

Checklist

• I have read the contributing guide
• I have tested my changes locally
• For new parsers or scenarios, tests have been added (N/A - updating existing)
• I have run the hub linter and no issues were reported
• Automated tests are passing
• AI was used to generate any/all content of this PR

🤖 Generated with Claude Code