feat(cra): route secure-dev breadth to code_security (atom-grain)

Both network_security and code_security are now atom-grain. Per-sub_topic
use_case routing: secure_development -> code_security (best for secure-dev
findings), everything else -> network_security. Findings carry breadth_use_case
so the source context (which atom corpus) is visible under the best-practice depth.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

admin-compliance/app/sdk/iace/[projectId]/cra/_components/CRACyberView.tsx

@@ -130,7 +130,8 @@ function FindingsTable({ findings }: { findings: CRAFinding[] }) {
                     {f.regulatory_breadth && f.regulatory_breadth.length > 0 && (
                       <div className="mt-2">
                         <p className="text-[10px] text-gray-400 mb-1">
-                          Regulatorische Breite{f.sub_topic ? ` — ${f.sub_topic}` : ''} (NIST/ENISA/ISO-Quellen)
+                          Regulatorische Breite{f.sub_topic ? ` — ${f.sub_topic}` : ''}
+                          {f.breadth_use_case ? ` · ${f.breadth_use_case}` : ''} (NIST/OWASP/ENISA-Quellen)
                         </p>
                         <ul className="space-y-0.5">
                           {f.regulatory_breadth.map((c) => (