09 - Hardcode Guard v3 Audit

Verdict: HARDCODE_GUARD_FAIL.

Hardcode guard v3 only counts rows in a manually maintained inventory; omissions are invisible. Disguised detector has nine narrow source-text/presence checks such as function source contains p_expected/FAIL_MISSING_SIGNAL/function name, readiness definition contains pg_proc, writer source contains guard names, and snapshot count equals fingerprint count.

All pass while unenforced rule authority, incomplete fingerprint, spoofable signoff, name-regex readiness, PUBLIC EXECUTE builders, and Directus full DML remain. It cannot be an authority gate.