feat(use-case-compiler): MC-based compliance questionnaires with scoring

Implements the Use-Case Compiler that turns Master Controls into
interactive compliance audits. 5 templates (Vendor Check, SAST/DAST,
DSGVO, NIS2, CRA), deterministic + LLM question generation, scoring
engine with regulation/severity breakdown, and gap detection.

- Backend: 9 API endpoints, 22 unit tests (all pass)
- Frontend: Template selector, questionnaire, result dashboard
- Migration 027: usecase_audits + usecase_answers tables

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

ai-compliance-sdk/internal/app/routes.go

@@ -29,6 +29,7 @@ func registerRoutes(
 	gapHandler *handlers.GapHandler,
 	maximizerHandlers *handlers.MaximizerHandlers,
 	regulatoryNewsHandlers *handlers.RegulatoryNewsHandlers,
+	useCaseHandler *handlers.UseCaseHandler,
 ) {
 	v1 := router.Group("/sdk/v1")
 	{
@@ -51,6 +52,7 @@ func registerRoutes(
 		registerIACERoutes(v1, iaceHandler)
 		registerGapRoutes(v1, gapHandler)
 		registerMaximizerRoutes(v1, maximizerHandlers)
+		registerUseCaseRoutes(v1, useCaseHandler)
 		v1.GET("/regulatory-news", regulatoryNewsHandlers.GetNews)
 	}
 }
@@ -463,6 +465,21 @@ func registerMaximizerRoutes(v1 *gin.RouterGroup, h *handlers.MaximizerHandlers)
 	}
 }
 
+func registerUseCaseRoutes(v1 *gin.RouterGroup, h *handlers.UseCaseHandler) {
+	uc := v1.Group("/use-case")
+	{
+		uc.GET("/templates", h.GetTemplates)
+		uc.GET("/templates/:id", h.GetTemplate)
+		uc.POST("/compile", h.Compile)
+		uc.POST("/audits", h.CreateAudit)
+		uc.GET("/audits", h.ListAudits)
+		uc.GET("/audits/:id", h.GetAudit)
+		uc.POST("/audits/:id/answer", h.AnswerQuestion)
+		uc.GET("/audits/:id/score", h.GetScore)
+		uc.GET("/audits/:id/gaps", h.GetGaps)
+	}
+}
+
 func registerGapRoutes(v1 *gin.RouterGroup, h *handlers.GapHandler) {
 	g := v1.Group("/gap")
 	{