feat: B12 Chatbot-Cookie-Klassifikation (#19) + Cookie-Matrix scan + safetykon test

#19 Chatbot-Cookie-Klassifikation:
  - chat_providers.json KB mit 11 Providern (iAdvize, Intercom, Tidio,
    Drift, Userlike, Zendesk, LivePerson, HubSpot, Vertex AI, OpenAI,
    Anthropic Claude). Pro Provider: Cookie-Pattern-Regex,
    typical_retention_days, tn_functions vs cp_functions, ai_capable.
  - chatbot_cookie_classification_check.py mit 4 KORRIGIERTEN Checks:
      CHAT-COOKIE-CLASS-001 (MED) — TN deklariert + Vendor-Purpose
        erwähnt Targeting/Analytics/A-B-Tests
      CHAT-COOKIE-CLASS-002 (MED) — Provider hat tn+cp Funktionen,
        Tabelle nennt nur eine Seite → keine Einwilligungs-Differenzierung
      CHAT-COOKIE-PURPOSE-001 (LOW) — Zweck zu generisch (Art. 13
        DSGVO konkret)
      CHAT-COOKIE-RETENTION-001 (HIGH) — deklariert <90d, KB-typisch
        >365d → vermutlich unterdeklariert
    NEU vs vorigem Plan: kein "eigene Banner-Kategorie Chat/AI"-Check —
    gesetzlich nicht vorgeschrieben (Vermischung Zweck-Transparenz vs
    Kategorie-Name). Anwender-Frage berechtigt, Konzept geschärft.
  - _b12_wiring.py + Orchestrator-Wire + V2-Compose-Slot
  - Cookie-Inventar mit [Chat]/[Chat+AI]-Tag pro Cookie-Name (KB-Lookup)
  - Smoke (3 Vendors / 5 Cookies): 9 findings korrekt (3 HIGH RETENTION,
    3 MEDIUM CLASS-001, 4 LOW PURPOSE)

Cookie-Matrix Scan (Browser-Vergleich gegen safetykon.de):
  - consent-tester/services/cookie_behavior_per_browser.py: eigener
    fokussierter Scanner. Pro Browser-Profile: cookies before / after
    reject / after accept in separaten Kontexten. Sequenzielle Runs
    statt parallel (Race-Conditions).
  - routes_cookie_matrix.py POST /scan-cookie-matrix
  - Live-Test safetykon.de: chromium=1, firefox=0, webkit=1, mobile-
    safari=1 nach reject — Firefox setzt KEIN Cookie nach Reject!
    (consent-tester Rebuild brachte playwright install-deps für system-libs)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

backend-compliance/compliance/api/agent_check/_b12_wiring.py

@@ -0,0 +1,73 @@
+"""B12 wiring — Chatbot-Cookie-Klassifikation.
+
+Hängt sich an `state["extra_findings"]` mit ähnlichem Render-Pattern wie
+B9/B10. Wird vom Orchestrator nach B11 (run_b9b10) aufgerufen.
+"""
+
+from __future__ import annotations
+
+import html
+import logging
+
+from compliance.services.chatbot_cookie_classification_check import (
+    check_chatbot_cookie_classification,
+)
+
+logger = logging.getLogger(__name__)
+
+
+def run_b12(state: dict) -> None:
+    new = check_chatbot_cookie_classification(state)
+    if not new:
+        return
+    extras = state.get("extra_findings") or []
+    extras.extend(new)
+    state["extra_findings"] = extras
+    state["chatbot_cookie_html"] = _render(new)
+    logger.info("B12 chatbot-cookies: %d findings", len(new))
+
+
+def _render(findings: list[dict]) -> str:
+    cards = []
+    for f in findings:
+        sev = (f.get("severity") or "").upper()
+        color = "#dc2626" if sev == "HIGH" else (
+            "#f59e0b" if sev == "MEDIUM" else "#64748b"
+        )
+        meta = (
+            "<div style='font-size:12px;color:#475569;margin-top:6px;'>"
+            f"<em>Provider: {html.escape(f.get('provider') or '?')} · "
+            f"Cookie: <code>{html.escape(f.get('cookie_name') or '?')}</code>"
+            "</em></div>"
+        )
+        evidence = ""
+        if f.get("evidence"):
+            evidence = (
+                "<div style='font-size:12px;color:#475569;margin-top:4px;'>"
+                f"<em>{html.escape(f['evidence'])}</em></div>"
+            )
+        cards.append(
+            f"<div style='margin:12px 0;padding:14px;background:#fff;"
+            f"border-left:3px solid {color};border-radius:4px;'>"
+            f"<div style='font-weight:600;color:{color};font-size:14px;'>"
+            f"{sev} · {html.escape(f.get('check_id') or '')}</div>"
+            f"<div style='font-size:14px;margin-top:4px;'>"
+            f"<strong>{html.escape(f.get('title') or '')}</strong></div>"
+            f"<div style='font-size:12px;color:#64748b;margin-top:2px;'>"
+            f"{html.escape(f.get('norm') or '')}</div>"
+            f"{meta}{evidence}"
+            f"<div style='font-size:13px;margin-top:8px;background:#dcfce7;"
+            f"padding:8px 10px;border-radius:4px;'>"
+            f"<strong>→ Empfehlung:</strong> "
+            f"{html.escape(f.get('action') or '')}</div>"
+            "</div>"
+        )
+    return (
+        "<div style='margin:24px 0;padding:16px;border-left:4px solid #f59e0b;"
+        "background:#fffbeb;border-radius:4px;'>"
+        "<h2 style='margin:0 0 8px;color:#92400e;font-size:16px;'>"
+        "💬 Chatbot-Cookie-Klassifikation (KB-basiert)"
+        "</h2>"
+        + "".join(cards) +
+        "</div>"
+    )

backend-compliance/compliance/api/agent_check/_orchestrator.py

@@ -67,6 +67,7 @@ async def run_compliance_check(check_id: str, req) -> None:
         run_b5(state)  # AI-Act Art. 50 transparency
         run_b6b7b8(state)  # DPO-cross-doc + Doc-Staleness + CMP-fingerprint
         run_b9b10(state)  # Multi-Entity-Impressum + Drittland-Mechanismus
+        run_b12(state)  # Chatbot-Cookie-Klassifikation (B11 ist in B9B10)
         # Phase D-3 top/mid/bot: Step 5 HTML blocks
         await run_phase_d3_top(state)
         await run_phase_d3_mid(state)