Complete batch 012 (golden set diff) and 013 (advisory chat), fix build errors

Sprints completed:
- SPRINT_20260110_012_* (golden set diff layer - 10 sprints)
- SPRINT_20260110_013_* (advisory chat - 4 sprints)

Build fixes applied:
- Fix namespace conflicts with Microsoft.Extensions.Options.Options.Create
- Fix VexDecisionReachabilityIntegrationTests API drift (major rewrite)
- Fix VexSchemaValidationTests FluentAssertions method name
- Fix FixChainGateIntegrationTests ambiguous type references
- Fix AdvisoryAI test files required properties and namespace aliases
- Add stub types for CveMappingController (ICveSymbolMappingService)
- Fix VerdictBuilderService static context issue

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GoldenSet/Configuration/GoldenSetOptions.cs

@@ -0,0 +1,124 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace StellaOps.BinaryIndex.GoldenSet;
+
+/// <summary>
+/// Configuration options for the GoldenSet module.
+/// </summary>
+public sealed class GoldenSetOptions
+{
+    /// <summary>
+    /// Configuration section name.
+    /// </summary>
+    public const string SectionName = "BinaryIndex:GoldenSet";
+
+    /// <summary>
+    /// Current schema version for golden set definitions.
+    /// </summary>
+    [Required]
+    public string SchemaVersion { get; set; } = GoldenSetConstants.CurrentSchemaVersion;
+
+    /// <summary>
+    /// Validation options.
+    /// </summary>
+    public GoldenSetValidationOptions Validation { get; set; } = new();
+
+    /// <summary>
+    /// Storage options.
+    /// </summary>
+    public GoldenSetStorageOptions Storage { get; set; } = new();
+
+    /// <summary>
+    /// Caching options.
+    /// </summary>
+    public GoldenSetCachingOptions Caching { get; set; } = new();
+
+    /// <summary>
+    /// Authoring options.
+    /// </summary>
+    public GoldenSetAuthoringOptions Authoring { get; set; } = new();
+}
+
+/// <summary>
+/// Authoring options for golden sets.
+/// </summary>
+public sealed class GoldenSetAuthoringOptions
+{
+    /// <summary>
+    /// Enable AI-assisted enrichment.
+    /// </summary>
+    public bool EnableAiEnrichment { get; set; } = true;
+
+    /// <summary>
+    /// Enable upstream commit analysis.
+    /// </summary>
+    public bool EnableCommitAnalysis { get; set; } = true;
+
+    /// <summary>
+    /// Maximum number of commits to analyze per vulnerability.
+    /// </summary>
+    public int MaxCommitsToAnalyze { get; set; } = 5;
+
+    /// <summary>
+    /// Minimum confidence threshold for auto-accepting AI suggestions.
+    /// </summary>
+    public decimal AutoAcceptConfidenceThreshold { get; set; } = 0.8m;
+}
+
+/// <summary>
+/// Validation options for golden sets.
+/// </summary>
+public sealed class GoldenSetValidationOptions
+{
+    /// <summary>
+    /// Validate that the CVE exists in NVD/OSV (requires network).
+    /// </summary>
+    public bool ValidateCveExists { get; set; } = true;
+
+    /// <summary>
+    /// Validate that sinks are in the registry.
+    /// </summary>
+    public bool ValidateSinks { get; set; } = true;
+
+    /// <summary>
+    /// Validate edge format strictly (must match bbN->bbM).
+    /// </summary>
+    public bool StrictEdgeFormat { get; set; } = true;
+
+    /// <summary>
+    /// Skip network calls (air-gap mode).
+    /// </summary>
+    public bool OfflineMode { get; set; } = false;
+}
+
+/// <summary>
+/// Storage options for golden sets.
+/// </summary>
+public sealed class GoldenSetStorageOptions
+{
+    /// <summary>
+    /// PostgreSQL schema name for golden sets.
+    /// </summary>
+    public string PostgresSchema { get; set; } = "golden_sets";
+
+    /// <summary>
+    /// Connection string name (from configuration).
+    /// </summary>
+    public string ConnectionStringName { get; set; } = "BinaryIndex";
+}
+
+/// <summary>
+/// Caching options for golden sets.
+/// </summary>
+public sealed class GoldenSetCachingOptions
+{
+    /// <summary>
+    /// Cache duration for sink registry lookups (minutes).
+    /// </summary>
+    public int SinkRegistryCacheMinutes { get; set; } = 60;
+
+    /// <summary>
+    /// Cache duration for golden set definitions (minutes).
+    /// </summary>
+    public int DefinitionCacheMinutes { get; set; } = 15;
+}