feat(cognition): add deterministic threat detectors

[joelteply]

Summary

• add deterministic Rust literal threat detectors for prompt injection, credential exfiltration, and tool escalation
• add typed ThreatRefusalAuditPayload and ThreatDetectionReport -> refusal audit bridge
• export the new generated TS binding and fix generated genome barrel drift caught by the sync test

Proof

• npm run build:ts
• cargo test threat_detector --lib --features metal,accelerate
• cargo test --test generated_barrel_sync --features metal,accelerate
• precommit: TypeScript compilation passed; clippy held baseline; browser tests skipped because app/core socket were not running
• pre-push: TypeScript clean, ESLint baseline held at 5435, Rust compile clean, Rust tests passed, llama Metal tests passed

Known environment result

• Native Docker core image built locally, but runtime slice did not push because linux/arm64 Docker has no GPU and strict no-CPU-fallback panicked as designed. This is not bypassed; merge should rely on CI architecture verification or a GPU-capable runner for that slice.

Scope note

This is contract-level Rust cognition proof, not production persona replay proof. The next lane should be prod-captured persona record/replay with RAG/working-memory, resources, model metadata, decision, output, audit, and per-stage timing visible offline in Rust.