05 Signoff Registry Audit

Verdict SIGNOFF_SCOPE_WEAK. Current NOT_SAFE is recorded; no positive SAFE exists; readiness is blocked.

Both reviews have reviewed_plan_checksum NULL and valid_until NULL. Positive signoff accepts any active SAFE row whose free-text scope contains APPLY and does not compare current plan checksum. No reviewer authority/approval FK; no constraints enforce evidence, SAFE checksum/expiry, lifecycle, or current-plan binding. Validated collections bind only review ID; builder ignores review verdict and validation kind. Literal false was removed, but replacement remains spoofable.