# Policy Simulation Batch Mode with SBOM Selectors

## Module
Cli

## Status
IMPLEMENTED

## Description
Batch mode policy simulation with SBOM selector patterns (e.g., registry:docker.io/*, tag:production), severity heatmap summaries, and manifest download for offline analysis.

## Implementation Details
- **Command Group**: `src/Cli/StellaOps.Cli/Commands/PolicyCommandGroup.cs` -- policy simulation commands
- **Commands**:
  - `stella policy simulate <file> --batch --selector <pattern>` -- batch simulation. Options: `--severity-heatmap`, `--download-manifests`, `--output <path>`, `--format table|json`
- **Selector patterns**: `registry:docker.io/*`, `tag:production`, `label:team=security`

## E2E Test Plan
- [ ] Run `stella policy simulate ./policy.stella --batch --selector "registry:docker.io/*"` and verify batch results
- [ ] Run with `--severity-heatmap` and verify severity distribution summary
- [ ] Run with `--download-manifests` and verify manifests downloaded for offline analysis
- [ ] Verify selector pattern matching (registry, tag, label patterns)
- [ ] Verify `--format json` output with per-artifact results