chore: post-SC code review — remove emojis, fix French strings, refactor enrichment, add docstrings

[Copilot]

Post-scoring-completion code review pass across the agent codebase. Addresses encoding risks from emoji in source, non-English output strings, a function violating SRP, and missing public API documentation.

agent/scan.py

• Emojis removed: _SEV_ICON (🔴🟠🟡🟢⚪) replaced with ASCII _SEV_LABEL ([CRIT]/[HIGH]/[MED]/[LOW]/[INFO]) in both the Markdown table header and per-finding rows
• French strings fixed: "rapport JSON" / "rapport Markdown" → "JSON report" / "Markdown report"
• SRP refactor: _enrich_risk_scores() had two distinct loops (risk scoring + recommendation enrichment); the second extracted into _enrich_recommendations(), both called from run_scan()

# Before: one function doing two unrelated things
def _enrich_risk_scores(findings): ...   # risk scores AND recommendations

# After: two focused functions
def _enrich_risk_scores(findings): ...   # risk scores only
def _enrich_recommendations(findings): ... # recommendations only

agent/scoring/criticality_factor.py

• Added docstrings to category_from_source() and criticality_factor()

agent/scanners/crypto_libs.py

• Added docstrings to detect_openssl() and scan_crypto_libs()