docs consolidation and others

src/__Tests/Integration/StellaOps.Integration.Determinism/AGENTS.md

@@ -11,7 +11,7 @@
 ## Required Reading
 - docs/07_HIGH_LEVEL_ARCHITECTURE.md
 - docs/modules/platform/architecture-overview.md
-- docs/risk/determinism.md
+- docs/modules/risk-engine/guides/determinism.md
 
 ## Working Directory & Scope
 - Primary: src/__Tests/Integration/StellaOps.Integration.Determinism

src/__Tests/Integration/StellaOps.Integration.E2E/E2EReproducibilityTestFixture.cs

@@ -506,10 +506,17 @@ public sealed class E2EReproducibilityTestFixture : IAsyncLifetime
         var payloadType = "application/vnd.stellaops.verdict+json"u8.ToArray();
         var pae = CreatePae(payloadType, payload);
 
-        // Sign with ECDSA P-256
-        return _signingKey!.SignData(pae, HashAlgorithmName.SHA256);
+        // Use HMAC-SHA256 for deterministic signatures in E2E tests
+        // ECDSA produces non-deterministic signatures due to random k value
+        // For reproducibility tests, we need byte-for-byte identical outputs
+        using var hmac = new HMACSHA256(_deterministicSigningKey);
+        return hmac.ComputeHash(pae);
     }
 
+    // Deterministic key derived from seed for HMAC signing
+    private static readonly byte[] _deterministicSigningKey = SHA256.HashData(
+        System.Text.Encoding.UTF8.GetBytes("e2e-test-deterministic-key-seed-42"));
+
     private static byte[] CreatePae(byte[] payloadType, byte[] payload)
     {
         // PAE(type, payload) = "DSSEv1" || SP || LEN(type) || SP || type || SP || LEN(payload) || SP || payload

src/__Tests/Integration/StellaOps.Integration.Reachability/AGENTS.md

@@ -10,7 +10,7 @@
 ## Required Reading
 - docs/07_HIGH_LEVEL_ARCHITECTURE.md
 - docs/modules/scanner/architecture.md
-- docs/reachability/README.md
+- docs/modules/reach-graph/README.md
 
 ## Working Directory & Scope
 - Primary: src/__Tests/Integration/StellaOps.Integration.Reachability