Adds a governance extension that creates verifiable audit trails for
agent tool usage using the R6 framework (Rules+Role+Request+Reference+
Resource→Result). Uses the typed after_tool_call hooks wired in #1
to capture every tool invocation with provenance, timing, and
hash-linked chain integrity.
Includes:
- R6 request framework with tool classification
- Hash-linked JSONL audit chain with verification
- Software-bound session identity tokens (Soft LCT)
- Session state tracking with tool/category counts
- CLI commands: audit summary, audit verify, audit last
- 39 unit tests across all modules
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>