
Security audit fixes: harden cache, mneme, @agent gate, and gauntlet integrity#124

Merged: tcconnally merged 6 commits into main from codex/live-audit-2026-06-01 on Jun 4, 2026

@tcconnally
Owner

Audit fixes from codex/live-audit-2026-06-01

P1 Security

  • Cache fingerprint boundary read: _dependency_fingerprint now routes through _resolve_path(); @read /etc/passwd @cache ttl=3600 can no longer hash a forbidden file before @read denies it
  • @agent env gate: @agent now requires PERSEUS_ALLOW_DANGEROUS=1, matching the defense-in-depth gate used by @query and @services

P1 Benchmark integrity

  • Skipped gates no longer counted as certification passes (semantic judge skip = skip, not 14/14)
  • All-skipped scenario returns 0.0, not 100.0

P2 Correctness

  • Mneme recall always refreshes index before search — no more stale/corrupt/deleted row persistence
  • Mneme index prunes renamed/deleted files and removes corrupt docs with missing frontmatter

P2 Benchmark integrity

  • PERSEUS_ALLOW_DANGEROUS=1 set in all gauntlet subprocess environments (node, setup, adversarial)
  • A10 symlink race: exercises @read "link_0" and records escape errors

Documentation

  • README: remove stale quickstart/WIRING links
  • CONTRIBUTING.md: 12 phases, 14 gates, skip/budget requirements
  • DIRECTIVES.md: @agent env gate and config docs

Code cleanup

  • Remove half-baked quickstart CLI (Track B) and auto-cache (Track A10)
  • Remove unused gauntlet role profiles and doctor checks
  • Remove unused additionalProperties schema support

Tests

  • 784 passed, 1 skipped, 26 deselected (environment-bound excludes)
  • Focused suites: 125 passed (renderer, agent, mneme, gauntlet harness)

Branch: codex/live-audit-2026-06-01 (commit 058e020)
Reviewed by: Hermes agent

@tcconnally tcconnally merged commit 85ac179 into main Jun 4, 2026
3 checks passed
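The ordering fix described in the first P1 Security item, as an added sketch that is not the project's code. `resolve_path`, `fingerprint_unchecked`, `fingerprint_checked`, `BoundaryError` and the temporary workspace are hypothetical stand-ins, and the rule that a resolved path must stay under the workspace root is an assumption about what _resolve_path() enforces.

```python
import hashlib
import os
import tempfile
from pathlib import Path


class BoundaryError(PermissionError):
    """Path resolves outside the workspace root (hypothetical error type)."""


def resolve_path(root: Path, requested: str) -> Path:
    # Resolve symlinks and ".." first, then compare against the resolved root.
    root = root.resolve()
    target = (root / requested).resolve()
    if not target.is_relative_to(root):
        raise BoundaryError(f"{requested!r} escapes the workspace")
    return target


def fingerprint_unchecked(root: Path, requested: str) -> str:
    # "Before" shape: the cache layer hashes whatever path the directive names.
    return hashlib.sha256((root / requested).read_bytes()).hexdigest()


def fingerprint_checked(root: Path, requested: str) -> str:
    # "After" shape: boundary check first, so a denied file is never opened.
    return hashlib.sha256(resolve_path(root, requested).read_bytes()).hexdigest()


def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "workspace"
        root.mkdir()
        (root / "ok.txt").write_bytes(b"hello\n")
        secret = base / "outside.txt"  # constructed stand-in for a forbidden file
        secret.write_bytes(b"constructed secret\n")
        os.symlink(secret, root / "link_0")  # symlink pointing out of the root
        denied = []
        for name in ("link_0", "../outside.txt", str(secret)):
            try:
                fingerprint_checked(root, name)
            except BoundaryError:
                denied.append(name)
        return {
            "leaked": fingerprint_unchecked(root, "link_0"),
            "secret": hashlib.sha256(b"constructed secret\n").hexdigest(),
            "denied": denied,
            "inside": fingerprint_checked(root, "ok.txt"),
        }
```

The unchecked variant returns the digest of the out-of-bounds file even when the read itself would later be refused, which is the behaviour the fix removes.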