docs: add DLP detection test corpus

[cdot65]

Summary

• Adds docs/dlp-detection/ — a corpus for testing how well a content scanner (Prisma AIRS) detects sensitive data hidden inside files.
• Covers multiple modalities (PDF, JPEG, PNG, DOCX, ZIP) and hiding techniques: invisible PDF text layer (render mode 3), image metadata (EXIF/XMP/IPTC/PNG text chunks), JPEG container padding (COM segment + post-EOI bytes), rendered pixels (OCR), and LSB steganography.
• Each carrier embeds the same synthetic markers for apples-to-apples comparison; includes base64 encodings (inline-JSON API representation), generator/verify scripts, and a per-file catalog.
• Wired into the mkdocs nav under DLP Detection Testing.

Findings so far

• PDF invisible-text-layer: detected.
• JPEG metadata / container / OCR pixels: not detected.
• PNG LSB steg: flagged "toxic content" — likely steg-presence detection rather than payload reading; controls (dlp_ctrl_clean.png, dlp_ctrl_stego_benign.png) included to confirm.

Safety

• All values are synthetic / reserved-for-testing (reserved SSN, Visa test PAN, AWS documented example key, IANA example.com, 555-01xx phones). No real PII.
• One synthetic Stripe-pattern token tripped GitHub push protection and was allowlisted as test data.

Test plan

• mkdocs build is clean (verified locally — no warnings/broken links for the new section)
• Nav entry renders and sample/encoded download links resolve
• Continue submitting untested vectors (IPTC, PNG text chunks, DOCX, ZIP, controls) to the scanner and update the results matrix