feat: Add initial implementation of Vulnerability Resolver Jobs

- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies.
- Documented roles and guidelines in AGENTS.md for Scheduler module.
- Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs.
- Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics.
- Developed API endpoints for managing resolver jobs and retrieving metrics.
- Defined models for resolver job requests and responses.
- Integrated dependency injection for resolver job services.
- Implemented ImpactIndexSnapshot for persisting impact index data.
- Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring.
- Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService.
- Created dotnet-filter.sh script to handle command-line arguments for dotnet.
- Established nuget-prime project for managing package downloads.

src/Scheduler/AGENTS.md

@@ -0,0 +1,41 @@
+# AGENTS · Scheduler Working Directory
+
+## Roles
+- **Scheduler Worker/WebService Engineer**: .NET 10 (preview) across workers, web service, and shared libraries; keep jobs/metrics deterministic and tenant-safe.
+- **QA / Reliability**: Adds/maintains unit + integration tests in `__Tests`, covers determinism, job orchestration, and metrics; validates Mongo/Redis/NATS contracts without live cloud deps.
+- **Docs/Runbook Touches**: Update `docs/modules/scheduler/**` and `operations/` assets when contracts or operational characteristics change.
+
+## Required Reading
+- `docs/modules/scheduler/README.md`
+- `docs/modules/scheduler/architecture.md`
+- `docs/modules/scheduler/implementation_plan.md`
+- `docs/modules/platform/architecture-overview.md`
+- Current sprint file(s) for this module (e.g., `docs/implplan/SPRINT_0155_0001_0001_scheduler_i.md`, `SPRINT_0156_0001_0002_scheduler_ii.md`).
+
+## Working Directory & Boundaries
+- Primary scope: `src/Scheduler/**` including WebService, Worker.Host, `__Libraries`, `__Tests`, plugins, and solution files.
+- Cross-module edits require an explicit note in sprint **Delivery Tracker** and **Decisions & Risks**.
+- Fixtures belong under `src/Scheduler/__Tests/Fixtures` and must be deterministic.
+
+## Engineering Rules
+- Target `net10.0`; prefer latest C# preview permitted in repo.
+- Offline-first: no new external calls; use cached feeds (`/local-nugets`) and configurable endpoints.
+- Determinism: stable ordering, UTC ISO-8601 timestamps, seeded randomness; avoid host-specific paths in outputs/events.
+- Observability: use structured logging; keep metric/label names consistent with published dashboards (`policy_simulation_*`, `graph_*`, `overlay_*`).
+- Security: tenant isolation on all queues/stores; avoid leaking PII/secrets in logs or metrics.
+
+## Testing & Verification
+- Default: `dotnet test src/Scheduler/StellaOps.Scheduler.sln` (note: GraphJobs `IGraphJobStore.UpdateAsync` accessibility issue is a known blocker; document if encountered).
+- Add/extend tests in `src/Scheduler/__Tests/**`; prefer minimal deterministic fixtures and stable sort order.
+- When adding metrics, include unit tests validating label sets and defaults; update `operations/worker-prometheus-rules.yaml` if alert semantics change.
+
+## Workflow Expectations
+- Mirror task state changes in sprint files and, where applicable, module TASKS boards.
+- If blocked by contracts or upstream issues, set task to `BLOCKED` in sprint tracker and note the required decision/fix.
+- Document runbook/operational changes alongside code changes.
+
+## Allowed Shared Libraries
+- May reference shared helpers under `src/Scheduler/__Libraries/**` and existing plugins; new shared libs require sprint note.
+
+## Air-gap & Offline
+- Support air-gapped operation: no hardcoded internet endpoints; provide config flags and mirrored feeds when needed.