Security event CEL engine handoff #62

Closed
ebursztein wants to merge 1214 commits into main from codex/security-event-engine-done

@ebursztein
Collaborator

Summary

Security-event/CEL engine lane is complete and ready for network-team reconciliation. This PR is intentionally a draft handoff branch, not a direct merge into current main.

The branch finishes the unified security event spine:

  • canonical SecurityEvent/CEL projection for enforcement and detection
  • typed SecurityEventType contract with family consistency and callback validation
  • model/MCP enforcement on canonical events rather than synthetic HTTP lowering
  • model response/tool-call/tool-result/gzip/malformed/multiframe proof
  • session telemetry and real VM proof for model response/tool-call block/rewrite
  • benchmark proof for CEL, Detection IR, MITM callback overhead, provider parser, and VM-originated security paths

Network-team handoff

Network/parser work should integrate here before the separate origin/main integration sprint. The dependency surface is the typed security event contract, not callback strings or local policy shortcuts.

Network-team invariants to preserve:

  • parsed HTTP/DNS/MCP/model evidence is emitted into canonical SecurityEvent fields before CEL projection
  • detection and enforcement evaluate the same canonical event identity and field structure that is persisted to the session security ledger
  • MCP/model hot-path optimizations still call capsem-security-engine; no second decision provider
  • DB write batching/telemetry contention fixes preserve event type/family checks, enforcement provenance, detection hunt reconstruction, and model evidence fields

Why draft

This branch is currently behind origin/main by 118 commits after fetch. Incoming main includes large MCP runtime/load, network parser, DB write/logger, telemetry, security-engine, and benchmark-path changes. Those should be reconciled as a dedicated integration sprint, not accepted as merge fallout.

Verification

  • just benchmark passed on macOS arm64: 11 passed, 7 deselected
  • uv run pytest tests/test_archive_superseded_benchmark_artifacts.py tests/test_benchmark_contract.py tests/capsem-serial/test_endpoint_latency_benchmark.py::test_endpoint_latency_percentile_keeps_p95_distinct_from_max -q passed: 12 passed
  • uv run python scripts/archive_superseded_benchmark_artifacts.py --dry-run reports no superseded benchmark artifacts
  • git diff --check clean

Next sprint

  1. Network team lands parser/runtime improvements on top of this branch.
  2. Reconcile MCP/network DB-write optimizations against the security invariants above.
  3. Start a separate main-integration sprint to bring in origin/main with focused invariant tests and benchmark comparison.
