consent-engine v0.5.6

feat: robust CMP detection + --jurisdiction override (v0.5.6)

• Pool primary + GPC scan URLs for post-scan CMP refinement (fixes
  OneTrust miss on hydroquebec.com where SDK loaded past networkidle)
• New cookie-name backstop maps OptanonConsent/CookieConsent/etc to CMP
• Add --jurisdiction CLI flag to override TLD/content auto-detection
• Delete dead audit_deck.marp.md.j2 template (superseded since v0.5.0)

Smoke: hydroquebec.com now correctly returns detected_cmp=OneTrust
across repeat runs. --jurisdiction CA forces verdict regardless of
content signals. 70 tests pass, ruff + mypy clean.

Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com