feat(cookie): ① Storage Inventory + storage_transparency-Finding

Trennt echte Cookies von anderem Endgeraete-Speicher (Local/Session Storage,
IndexedDB, Salesforce-Framework-Artefakte) — § 25 TDDDG ist technologieneutral.
- cookie_storage_inventory: detect_storage_type (Name-Muster ComponentDefStorage/
  __MUTEX/LSKey + Laufzeit-Text) + build_storage_inventory + storage_transparency-
  Summenbefund ('X als Cookie gelistet -> Y echte + Z andere').
- Endpoint cookie-check liefert storage_inventory; Frontend zeigt den Breakdown.

Tests: 4 + Frontend-Vitest gruen. Differenzierungsmerkmal: '740 -> 132 + 608'.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

backend-compliance/compliance/api/agent_compliance_check_routes.py

@@ -232,6 +232,9 @@ async def snapshot_cookie_check(snapshot_id: str):
     from compliance.services.cookie_library_check import (
         analyze_cookies, load_big_library,
     )
+    from compliance.services.cookie_storage_inventory import (
+        build_storage_inventory, storage_transparency_finding,
+    )
     db = SessionLocal()
     try:
         snap = load_snapshot(db, snapshot_id)
@@ -241,7 +244,14 @@ async def snapshot_cookie_check(snapshot_id: str):
         names = [c.get("name", "")
                  for v in vendors for c in (v.get("cookies") or [])]
         big = load_big_library(db, names)
-        return analyze_cookies(vendors, big)
+        out = analyze_cookies(vendors, big)
+        inv = build_storage_inventory(vendors)
+        tf = storage_transparency_finding(inv)
+        if tf:
+            out["findings"].insert(0, tf)
+            out["summary"]["findings"] = len(out["findings"])
+        out["storage_inventory"] = inv
+        return out
     finally:
         db.close()