
GSoC 2026: Add Module B/D prototypes - Commit fetcher and Review UI #833

Open
norikokono wants to merge 3 commits into OWASP:main from norikokono:gsoc/bd-noise-hitl

@norikokono

  • Add fetch_commits.py: Pre-code experiment for harvesting OWASP repository commits
  • Add review_prototype.html: HITL review UI prototype with keyboard shortcuts (y/n)
  • Implements fast review interface optimized for <3 second workflow per item
  • Part of GSoC Module B (Noise/Relevance Filter) and Module D (HITL) work

@norikokono
Author

🔍 Automated Triage Validation (Module B Proof of Concept)

The attached screenshot demonstrates the Signal-to-Noise logic implemented for Module B. The AI agent was tested against four distinct types of repository changes to verify its classification accuracy:

  • Scenario 1 (Markdown): Identified as NOISE because the change was purely linguistic ("comprehensive guide") and did not alter security requirements.
  • Scenario 2 (Python Auth): Identified as RELEVANT due to the hardening of password requirements (length $\ge 12$ and complexity checks).
  • Scenario 3 (Security Config): Identified as RELEVANT because it flagged the intentional (even if temporary) disabling of CWE-89 (SQLi) and CWE-79 (XSS) scanners.
  • Scenario 4 (Dependency): Identified as NOISE for a standard version bump in package-lock.json, which prevents the indexer from being flooded with routine maintenance updates.

Integration with Module D:
The review_prototype.html included in this PR is designed to ingest these 'RELEVANT' flags, allowing a human reviewer to quickly confirm the AI's findings using the keyboard-optimized interface.


[Screenshot: screencapture-google-search-2026-03-28-23_54_38]
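Added example, not part of this PR or the project's code: a deterministic pre-filter that reproduces the NOISE/RELEVANT split described in the comment above on constructed changes mirroring its four scenarios, plus a Markdown edit that does alter a requirement. The rule patterns, the `Change` type, and the function names are assumptions; the PR does not show Module B's actual logic.

```python
import re
from dataclasses import dataclass

# Hypothetical rules; the PR does not show Module B's actual logic.
LOCKFILES = {"package-lock.json", "yarn.lock", "poetry.lock"}
SECURITY_PATH = re.compile(r"auth|login|crypto|security|scanner", re.I)
SECURITY_LINE = re.compile(r"CWE-\d+|password|disable|\b(?:must|shall)\b", re.I)

@dataclass
class Change:
    path: str
    added: list
    removed: list

def classify(change):
    """Return (label, reason), where label is 'NOISE' or 'RELEVANT'."""
    if change.path.rsplit("/", 1)[-1] in LOCKFILES:
        return "NOISE", "lockfile version bump"
    hits = [l for l in change.added + change.removed if SECURITY_LINE.search(l)]
    if hits:
        return "RELEVANT", "security-bearing line: " + hits[0].strip()
    if SECURITY_PATH.search(change.path):
        return "RELEVANT", "security-sensitive path"
    return "NOISE", "no security-bearing change"

# Constructed changes mirroring the four scenarios, plus one edge case.
SAMPLES = [
    Change("docs/README.md", ["A comprehensive guide to the project."],
           ["A guide to the project."]),
    Change("app/auth/validators.py",
           ["    if len(password) < 12 or not has_mixed_classes(password):"],
           ["    if len(password) < 8:"]),
    Change("config/scanner.yml", ["  # temporarily off"],
           ["  - CWE-89", "  - CWE-79"]),
    Change("package-lock.json", ['      "version": "4.17.21",'],
           ['      "version": "4.17.20",']),
    # Edge case: a Markdown edit that does change a requirement.
    Change("docs/policy.md", ["Passwords must be at least 12 characters."],
           ["Passwords should be at least 8 characters."]),
]

def triage(changes):
    """Map each path to its label so the review queue gets only RELEVANT items."""
    return {c.path: classify(c)[0] for c in changes}

if __name__ == "__main__":
    for c in SAMPLES:
        print(c.path, *classify(c), sep=" | ")
```

Removed lines are scanned as well as added ones, so deleting a scanner rule such as `CWE-89` is flagged even when nothing security-related is added in its place.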
