feat: Anti-Fake-Evidence System (Phase 1-4b)

Implement full evidence integrity pipeline to prevent compliance theater:
- Confidence levels (E0-E4), truth status tracking, assertion engine
- Four-Eyes approval workflow, audit trail, reject endpoint
- Evidence distribution dashboard, LLM audit routes
- Traceability matrix (backend endpoint + Compliance Hub UI tab)
- Anti-fake badges, control status machine, normative patterns
- 2 migrations, 4 test suites, MkDocs documentation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend-compliance/compliance/api/isms_routes.py

@@ -73,39 +73,8 @@ def generate_id() -> str:
     return str(uuid.uuid4())
 
 
-def create_signature(data: str) -> str:
-    """Create SHA-256 signature."""
-    return hashlib.sha256(data.encode()).hexdigest()
-
-
-def log_audit_trail(
-    db: Session,
-    entity_type: str,
-    entity_id: str,
-    entity_name: str,
-    action: str,
-    performed_by: str,
-    field_changed: str = None,
-    old_value: str = None,
-    new_value: str = None,
-    change_summary: str = None
-):
-    """Log an entry to the audit trail."""
-    trail = AuditTrailDB(
-        id=generate_id(),
-        entity_type=entity_type,
-        entity_id=entity_id,
-        entity_name=entity_name,
-        action=action,
-        field_changed=field_changed,
-        old_value=old_value,
-        new_value=new_value,
-        change_summary=change_summary,
-        performed_by=performed_by,
-        performed_at=datetime.utcnow(),
-        checksum=create_signature(f"{entity_type}|{entity_id}|{action}|{performed_by}")
-    )
-    db.add(trail)
+# Shared audit trail utilities — canonical implementation in audit_trail_utils.py
+from .audit_trail_utils import log_audit_trail, create_signature  # noqa: E402
 
 
 # =============================================================================