2025-11-03 – Vuln Explorer access controls refresh

Expanded docs/11_AUTHORITY.md with attachment signing tokens, ledger verification workflow, and a Vuln Explorer security checklist.
Added scope guidance for attachment tokens in docs/security/authority-scopes.md and updated the Vuln Explorer architecture dossier.
Refreshed etc/authority.yaml.sample comments to highlight ABAC attributes and attachment token verification requirements.