feat: add exhaustive-path-tracing to security audit template (#244)

Add the exhaustive-path-tracing protocol to the investigate-security
template for systematic deep analysis of parser and decoder functions
that process untrusted structured input.

Changes:
- Add exhaustive-path-tracing to template protocol list (optional,
  applied selectively to parser/decoder functions)
- Add instruction 7 with criteria for identifying functions that
  warrant deep path tracing (multi-field decode, inter-value
  arithmetic, iteration over decoded elements)
- Add specific attention items: inter-value arithmetic validation,
  loop-carried invariant gaps, truncation after bounds check
- Expand investigation plan from 5 to 7 steps, adding parser
  identification (step 3) and deep-dive (step 5)
- Add coverage ledger requirement to quality checklist
- Update manifest.yaml protocol list and description
- Add investigate-security to exhaustive-path-tracing applicable_to

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>