Update AGENTS.md files across multiple modules to standardize task status update instructions and introduce a new document for Secret Leak Detection operations.

- Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`.
- Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.

src/Scanner/StellaOps.Scanner.Analyzers.Native/AGENTS.md

@@ -19,7 +19,7 @@ Deliver deterministic native binary analyzers that detect entrypoints, dependenc
 - Platform-specific loader references cited in sprint notes (e.g., ld.so, SafeDll search, dyld).
 
 ## Working Agreement
-1. **Status sync** – set task state to `DOING`/`DONE` in both `docs/implplan/SPRINTS.md` and local `TASKS.md` when starting/finishing work.
+1. **Status sync** – set task state to `DOING`/`DONE` in both sprint file `/docs/implplan/SPRINT_*.md` and local `TASKS.md` when starting/finishing work.
 2. **Surface usage** – run Surface.Validation, use Surface.Env for configuration, Surface.FS for cached artefacts, and Surface.Secrets for protected inputs.
 3. **Determinism** – no host filesystem lookups; rely on virtual image roots; stabilise ordering and timestamps.
 4. **AOC compliance** – emit observations/edges without severity or policy interpretation; include provenance and reason codes.