Add enterprise dashboard accessibility guard

[KoiosSG]

/claim #19

Summary

• Adds a self-contained enterprise-dashboard-accessibility-guard/ slice for Enterprise Tooling issue Enterprise Tooling #19.
• Evaluates institutional admin dashboard releases before they are shown to admins, included in scheduled exports, or summarized through webhook notices.
• Checks contrast for critical and noncritical metrics, screen-reader labels, keyboard reachability, focus traps, private-data exposure in accessibility text, table summaries, heading order, and reduced-motion fallbacks.
• Emits deterministic JSON, Markdown, SVG, and MP4 reviewer artifacts with SHA-256 audit digests.

Hardening Update

• Noncritical low-contrast dashboard content now produces a warning, keeps scheduled exports blocked, and marks WCAG perceivable readiness false instead of releasing as clean.

Scope

This focuses specifically on accessibility readiness for institutional admin dashboards and their downstream export/webhook release lanes.

It is distinct from the existing dashboard/export/webhook replay/compliance/identity/retention/data-residency/SLA/secret-rotation/quota/API-change/connector-certification/incident/funder/AI-model/dashboard-attribution/initiative-tag/policy-exception/IRB/data-export/SCIM/deposit-reconciliation/admin-notification/cost-allocation/LMS/payload-redaction/vendor-DPA/cohort-privacy/API-rate-limit slices.

Validation

• Added hardening regression first: npm test failed with release_with_accessibility_monitoring == remediate_before_public_release before warning on noncritical low contrast
• cd enterprise-dashboard-accessibility-guard && npm run check -> passed
• cd enterprise-dashboard-accessibility-guard && npm test -> enterprise-dashboard-accessibility-guard tests passed (4)
• cd enterprise-dashboard-accessibility-guard && npm run demo -> generated JSON/Markdown/SVG artifacts
• cd enterprise-dashboard-accessibility-guard && npm run demo:video -> generated reports/demo.mp4
• ffprobe confirmed reports/demo.mp4 is H.264, 1280x720, 7.5s, 24fps, 104,275 bytes
• git diff --check -> passed
• git diff --cached --check -> passed
• rg -n "(password|wallet|paypal|bank|passport|private key|api key)" enterprise-dashboard-accessibility-guard -> no matches

Safety

Synthetic data only. No credentials, private dashboard records, SSO calls, webhook calls, export delivery, payment processor calls, or private institutional systems are used.

AI-assisted with OpenAI Codex; I reviewed and locally verified the diff before submitting.

[KoiosSG]

Hardening update pushed in 5047577: noncritical low-contrast dashboard content now produces a warning, keeps scheduled exports blocked, and marks WCAG perceivable readiness false instead of releasing as clean. I added a regression that failed before the fix with release_with_accessibility_monitoring == remediate_before_public_release and now passes. Validation refreshed locally: npm run check, npm test (4 tests), npm run demo, npm run demo:video, ffprobe on demo.mp4, git diff --check, and credential-like sensitive-term scan returned no matches.