feat: add host-level summaries to markdown and json reports

[stacknil]

Closes #16

Summary

• add compact host-level summaries to report.md and report.json for multi-host inputs
• preserve existing top-level summary and finding behavior
• update golden outputs and regression tests for the new host-summary contract

Scope

This PR is limited to report-layer summaries.
It does not change detector thresholds, enrichment, cross-host correlation, or SIEM-like behavior.

Verification

• cmake --preset dev-debug
• cmake --build --preset dev-debug
• ctest --preset dev-debug
• cmake --preset ci-release
• cmake --build --preset ci-release
• ctest --preset ci-release

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 46abbcd57d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Validate header before deriving warning hostname

extract_hostname_from_input_line treats the next token as a hostname without validating that the preceding header tokens are structurally valid, so malformed lines can shift fields and create fake hosts in host_summaries. In journalctl_short_full, a line missing the timezone still yields a warning but this logic records the program token (for example sshd[2]:) as the host, which can incorrectly introduce extra hosts and skew per-host warning/finding counts.

Useful? React with 👍 / 👎.