feat: Add initial implementation of Vulnerability Resolver Jobs

- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies.
- Documented roles and guidelines in AGENTS.md for Scheduler module.
- Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs.
- Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics.
- Developed API endpoints for managing resolver jobs and retrieving metrics.
- Defined models for resolver job requests and responses.
- Integrated dependency injection for resolver job services.
- Implemented ImpactIndexSnapshot for persisting impact index data.
- Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring.
- Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService.
- Created dotnet-filter.sh script to handle command-line arguments for dotnet.
- Established nuget-prime project for managing package downloads.

src/Excititor/StellaOps.Excititor.WebService/Program.cs

@@ -471,7 +471,8 @@ app.MapGet("/v1/vex/observations/{vulnerabilityId}/{productKey}", async (
     var providerFilter = BuildStringFilterSet(context.Request.Query["providerId"]);
     var statusFilter = BuildStatusFilter(context.Request.Query["status"]);
     var since = ParseSinceTimestamp(context.Request.Query["since"]);
-    var limit = ResolveLimit(context.Request.Query["limit"], defaultValue: 200, min: 1, max: 500);
+    // Evidence chunks follow doc limits: default 500, max 2000.
+    var limit = ResolveLimit(context.Request.Query["limit"], defaultValue: 500, min: 1, max: 2000);
 
     var request = new VexObservationProjectionRequest(
         tenant,
@@ -514,6 +515,10 @@ app.MapGet("/v1/vex/observations/{vulnerabilityId}/{productKey}", async (
         result.Truncated,
         statements);
 
+    // Set total/truncated headers for clients (spec: Excititor-Results-*).
+    context.Response.Headers["Excititor-Results-Total"] = result.TotalCount.ToString(CultureInfo.InvariantCulture);
+    context.Response.Headers["Excititor-Results-Truncated"] = result.Truncated ? "true" : "false";
+
     return Results.Json(response);
 });
 
@@ -562,11 +567,21 @@ app.MapGet("/v1/vex/evidence/chunks", async (
     }
     catch (OperationCanceledException)
     {
+        EvidenceTelemetry.RecordChunkOutcome(tenant, "cancelled");
         return Results.StatusCode(StatusCodes.Status499ClientClosedRequest);
     }
+    catch
+    {
+        EvidenceTelemetry.RecordChunkOutcome(tenant, "error");
+        throw;
+    }
 
-    context.Response.Headers["X-Total-Count"] = result.TotalCount.ToString(CultureInfo.InvariantCulture);
-    context.Response.Headers["X-Truncated"] = result.Truncated ? "true" : "false";
+    EvidenceTelemetry.RecordChunkOutcome(tenant, "success", result.Chunks.Count, result.Truncated);
+    EvidenceTelemetry.RecordChunkSignatureStatus(tenant, result.Chunks);
+
+    // Align headers with published contract.
+    context.Response.Headers["Excititor-Results-Total"] = result.TotalCount.ToString(CultureInfo.InvariantCulture);
+    context.Response.Headers["Excititor-Results-Truncated"] = result.Truncated ? "true" : "false";
     context.Response.ContentType = "application/x-ndjson";
 
     var options = new JsonSerializerOptions(JsonSerializerDefaults.Web);