feat: add collectors and rules

README.md

@@ -21,14 +21,30 @@ vm-cc is the continuous compliance and evidence orchestration layer. It ingests
 - 90-automation/: pipelines/glue for end-to-end runs
 - scripts/: thin CLI wrappers to orchestrate collect → evaluate → report → sign
 
+## Run directories
+Each execution writes to a per-run folder set:
+- 30-evidence/YYYY-MM-DD/RUN_ID/
+- 50-reports/YYYY-MM-DD/RUN_ID/
+- 60-proofs/YYYY-MM-DD/RUN_ID/
+- 70-violations/YYYY-MM-DD/RUN_ID/
+
+RUN_ID format: `YYYYMMDDThhmmssZ_<shorthash>`.
+
 ## Rule result contract (example)
 ```
 {
-  "rule_id": "authority-hierarchy",
+  "version": "1.0.0",
+  "rule_id": "ledger.hash_chain_intact",
+  "control_ids": ["AU-01", "AU-02"],
   "passed": true,
-  "severity": "HIGH",
+  "severity": "CRITICAL",
   "timestamp": "2025-12-27T12:00:00Z",
-  "evidence": ["30-evidence/2025-12-27/authority.json"],
-  "details": { "checked_transitions": 42 }
+  "evidence": [
+    {
+      "path": "30-evidence/2025-12-27/20251227T120000Z_ab12/ledger_verify.json",
+      "sha256": "..."
+    }
+  ],
+  "details": { "entries_checked": 18231 }
 }
 ```