Add AI privacy streaming telemetry gates

[malb200710-dev]

Closes #1619.

What This PR Does

Adds a focused Streaming and Telemetry Privacy Boundaries gate to ai-data-privacy so the skill distinguishes final-answer redaction from earlier content emission/export paths.

Coverage added:

• SSE/WebSocket/callback streaming boundaries where raw deltas may leave the app before final redaction.
• GenAI tracing, OpenTelemetry/APM, provider dashboards, LLMOps callbacks, RAG context traces, and tool-call argument/result capture.
• Boundary rule: privacy controls only count if they run before the assessed stream/write/export boundary.
• Finding criteria for raw streamed PII/PHI, raw prompt/completion/tool/RAG trace export, callback capture before redaction, stateful chunk redaction gaps, and metadata-only telemetry false-positive handling.
• Output summary field and common pitfall for streaming/tracing raw content.
• OpenTelemetry GenAI semantic convention reference.

Framework References

• NIST AI RMF 1.0 MAP/MEASURE/MANAGE privacy-risk functions already referenced by the skill.
• OWASP LLM02:2025 Sensitive Information Disclosure.
• GDPR Art. 5/6/17/25/35 privacy-by-design and processing obligations already referenced by the skill.
• OpenTelemetry GenAI semantic conventions for current GenAI spans/events.

Testing

• Confirmed version: "1.0.1" is present.
• Confirmed new markers: Streaming and Telemetry Privacy Boundaries, Boundary rule, Streaming and telemetry boundaries, and OpenTelemetry GenAI reference.
• Markdown fence balance: 16 fences, even.
• ASCII content check passed.