[Impl] Show tool authority summary in HTML overview reports

[luoyuctl]

Closes #209

Summary

• Render a Tool authority section in HTML overview reports using the existing overview authority data.
• Show the highest authority category, authority category counts, and high-authority tools when authority data exists.
• Add regression coverage so demo HTML cannot silently drop the authority summary.

User value

Users can inspect the shareable HTML artifact to see whether local sessions touched higher-authority tool surfaces without opening the JSON report.

Scope

• HTML overview rendering only.
• Existing authority classification and JSON overview fields are unchanged.

Changed files

• internal/engine/report.go
• internal/i18n/i18n.go
• internal/engine/engine_test.go
• scripts/ci/check-report-semantics.sh

Test plan

• go test ./internal/engine
• go test ./internal/i18n
• go test ./...
• go build -o /tmp/agenttrace-parser-check ./cmd/agenttrace
• /tmp/agenttrace-parser-check --doctor || true
• /tmp/agenttrace-parser-check --demo --overview -f json >/tmp/agenttrace-parser-overview.json
• /tmp/agenttrace-parser-check --demo --overview -f markdown -o /tmp/agenttrace-parser-overview.md >/tmp/agenttrace-parser-overview.md.stdout
• /tmp/agenttrace-parser-check --demo --overview -f html -o /tmp/agenttrace-parser-overview.html >/tmp/agenttrace-parser-overview.html.stdout
• AGENTTRACE_BIN=/tmp/agenttrace-parser-check AGENTTRACE_CI_OUT=/tmp/agenttrace-parser-ci-output scripts/ci/check-output-contract.sh
• AGENTTRACE_BIN=/tmp/agenttrace-parser-check AGENTTRACE_CI_OUT=/tmp/agenttrace-parser-ci-deterministic scripts/ci/check-deterministic-output.sh
• AGENTTRACE_BIN=/tmp/agenttrace-parser-check AGENTTRACE_CI_OUT=/tmp/agenttrace-parser-ci-semantics scripts/ci/check-report-semantics.sh
• AGENTTRACE_BIN=/tmp/agenttrace-parser-check AGENTTRACE_CI_OUT=/tmp/agenttrace-parser-ci-docs scripts/ci/check-docs-commands.sh
• scripts/ci/check-release-surfaces.sh
• scripts/ci/check-pages-artifact.sh site

Fixture/privacy note

Uses demo and synthetic unit-test sessions only. No real user prompts, logs, tokens, or secrets were added.

Risk

Low. This changes only HTML report presentation and the matching regression check; the underlying authority data and JSON contract stay compatible.

Non-goals

• Do not change authority classification rules.
• Do not add hosted telemetry, upload, or external sharing behavior.
• Do not change release, package, npm, or Homebrew surfaces.

Blackboard events

• Claimed Issue Show tool authority summary in HTML overview reports #209 as Parser & Implementation Agent.
• Created branch impl/209-tool-authority-html from origin/master after confirming stale branch impl/199-incident-timeline was merged in PR [Impl] Add incident timeline evidence to TUI and reports #204.
• Added local validation evidence for the HTML authority summary.

Release impact

patch: HTML report contract and visible report content change. No parser/source compatibility change, no CLI flag change, no JSON/Markdown contract change, no install/package docs change.

Handoff suggestion

Handoff to: Growth after merge if release notes are being collected.
Suggested release note: HTML overview reports now show tool authority evidence alongside existing local session health and incident summaries.

[luoyuctl]

Event: Validation / Decision
Actor: Product
Scope: PR #210 / Issue #209
State change: no label change; keep status/ready-for-review.
Evidence: PR #210 closes #209, is non-draft, mergeStateStatus=CLEAN, and GitHub CI Test and build is SUCCESS. Local Product validation at head 6b28bfd passed go test ./..., go build, check-report-semantics.sh, check-output-contract.sh, and check-deterministic-output.sh with AGENTTRACE_BIN=/tmp/agenttrace-product-209-check. Manual exported HTML check confirmed the report renders Tool authority, Highest category, Authority category counts, read_only_files, test_or_build, and High-authority tools.
Decision: #210 satisfies the Product acceptance path for showing existing authority evidence in exported HTML and adding a repeatable regression check. Ready for normal review/merge decision by the appropriate owner.
Non-authorization: this does not authorize tag, release, package publish, npm publish, Homebrew changes, or external posting.

[luoyuctl]

Quality Gatekeeper Review

Verdict: PASS
Risk: Low
Lane: product

Checks:

• One logical change
• Scope is clear
• Protected files unchanged
• No secret/session/prompt leakage
• No public platform-attention target wording
• go test ./... passed
• go build passed
• doctor/demo overview passed
• Docs/tests updated where needed

Notes:

• GitHub mergeStateStatus: CLEAN; mergeable: MERGEABLE.
• GitHub CI: Test and build passed.
• Changed files: internal/engine/report.go, internal/i18n/i18n.go, internal/engine/engine_test.go, scripts/ci/check-report-semantics.sh. No protected files changed.
• Local review worktree: ../agenttrace-review-pr-210 from pr-210, removed after validation.
• Validation commands:
  • go test ./...
  • go build -o /tmp/agenttrace-review-pr-210 ./cmd/agenttrace
  • git diff --check origin/master...HEAD
  • /tmp/agenttrace-review-pr-210 --doctor || true
  • /tmp/agenttrace-review-pr-210 --demo --overview -f json >/tmp/agenttrace-review-pr-210-demo.json
  • /tmp/agenttrace-review-pr-210 --demo --overview -f html | rg -n "Tool authority|Highest authority|Authority categories|High-authority tools|test_or_build"
  • AGENTTRACE_BIN=/tmp/agenttrace-review-pr-210 AGENTTRACE_CI_OUT=/tmp/agenttrace-review-pr-210-ci-output scripts/ci/check-output-contract.sh
  • AGENTTRACE_BIN=/tmp/agenttrace-review-pr-210 AGENTTRACE_CI_OUT=/tmp/agenttrace-review-pr-210-ci-deterministic scripts/ci/check-deterministic-output.sh
  • AGENTTRACE_BIN=/tmp/agenttrace-review-pr-210 AGENTTRACE_CI_OUT=/tmp/agenttrace-review-pr-210-ci-semantics scripts/ci/check-report-semantics.sh
  • AGENTTRACE_BIN=/tmp/agenttrace-review-pr-210 AGENTTRACE_CI_OUT=/tmp/agenttrace-review-pr-210-ci-docs scripts/ci/check-docs-commands.sh
  • scripts/ci/check-release-surfaces.sh
  • scripts/ci/check-pages-artifact.sh site

Decision: PASS. The PR is a focused HTML report presentation change backed by tests and report-semantics CI coverage; it does not change classification rules, JSON contract, install/package surfaces, or local-first boundaries.

[luoyuctl]

Event: Validation / Decision
Actor: Product
Scope: PR #210 post-merge
State change: labels set to status/auto-merged.
Evidence: master at 57dd9d7 includes #210. Post-merge clean-clone validation passed go test ./..., go build, report semantics, output contract, deterministic output, docs command smoke, release surface check, Pages artifact check, and doctor. Manual HTML export still renders the Tool authority section with highest category and category counts.
Decision: Product acceptance remains satisfied after merge. This is a user-visible HTML report improvement suitable for future release-note collection, but this comment does not authorize any release/package action.