feat: Implement vulnerability token signing and verification utilities

- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys.
- Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries.
- Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads.
- Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options.
- Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads.
- Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features.
- Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.

docs/modules/authority/architecture.md

@@ -146,6 +146,48 @@ plan?        = <plan name>              // optional hint for UIs; not used for e
 
 ---
 
+### 3.5 Vuln Explorer workflow safeguards
+
+* **Anti-forgery flow** — Vuln Explorer’s mutation verbs call
+  * `POST /vuln/workflow/anti-forgery/issue`
+  * `POST /vuln/workflow/anti-forgery/verify`
+
+  Callers must hold `vuln:operate` scopes. Issued tokens embed the actor, tenant, whitelisted actions, ABAC selectors (environment/owner/business tier), and optional context key/value pairs. Tokens are EdDSA/ES256 signed via the primary Authority signing key and default to a 10‑minute TTL (cap: 30 minutes). Verification enforces nonce reuse prevention, tenant match, and action membership before forwarding the request to Vuln Explorer.
+
+* **Attachment access** — Evidence bundles and attachments reference a ledger hash. Vuln Explorer obtains a scoped download token through:
+  * `POST /vuln/attachments/tokens/issue`
+  * `POST /vuln/attachments/tokens/verify`
+
+  These tokens bind the ledger event hash, attachment identifier, optional finding/content metadata, and the actor. They default to a 30‑minute TTL (cap: 4 hours) and require `vuln:investigate`.
+
+* **Audit trail** — Both flows emit `vuln.workflow.csrf.*` and `vuln.attachment.token.*` audit records with tenant, actor, ledger hash, nonce, and filtered context metadata so Offline Kit operators can reconcile actions against ledger entries.
+
+* **Configuration**
+
+  ```yaml
+  authority:
+    vulnerabilityExplorer:
+      workflow:
+        antiForgery:
+          enabled: true
+          audience: "stellaops:vuln-workflow"
+          defaultLifetime: "00:10:00"
+          maxLifetime: "00:30:00"
+          maxContextEntries: 16
+          maxContextValueLength: 256
+      attachments:
+        enabled: true
+        defaultLifetime: "00:30:00"
+        maxLifetime: "04:00:00"
+        payloadType: "application/vnd.stellaops.vuln-attachment-token+json"
+        maxMetadataEntries: 16
+        maxMetadataValueLength: 512
+  ```
+
+  Air-gapped bundles include the signing key material and policy snapshots required to validate these tokens offline.
+
+---
+
 ## 4) Audiences, scopes & RBAC
 
 ### 4.1 Audiences