epic: Group A — independent foundational improvements

[mdproctor]

Overview

All items in this group are independent of each other and of Groups B/C/D. They can be worked in parallel. All are S or M sized. Start here.

Parent epic: #48

Issues (no ordering required — all independent)

Issue	Size	Description
ActorTypeResolver consumer updates	S	Update casehub-qhorus, casehub-engine, casehub-work to use the utility created in #47
TrustGateService	S	CDI bean: meetsThreshold(actorId, capability, minTrust)
Trust decay acceleration on FLAGGED	S	FLAGGED attestation steepens decay curve in TrustScoreComputer
Ledger health checks	S	Reconciliation + sequence gap detection
Multi-attestation aggregation	S	Consensus verdict before TrustScoreJob
Compliance report query API	M	Pre-formatted ComplianceSupplement output for regulators
ProvenanceSupplement capture interceptor	M	@ProvenanceCapture CDI interceptor

Motivating use case (runs throughout all Group A issues)

An agent reviews PR #456. It sends DONE. LedgerWriteService writes a SOUND attestation (done in qhorus#123). TrustScoreJob updates the agent's trust score. A TrustGateService query confirms the agent meets the threshold for the next security-review assignment. Six months later, PR #456 ships a bug. A FLAGGED attestation is written — the agent's decay curve steepens. Future security-review assignments route to more reliable agents instead.

Every issue in this group contributes one piece of that loop.