
#23785: Skills: add signature verification and quarantine invalid signatures

by bmendonca3 open 2026-02-22 17:58
agents size: M trusted-contributor
## Summary

- add phase-1 local skill signature verification (`skill.sig`) for Ed25519 signatures over a canonical file manifest
- mark unsigned skills as unsigned (degraded) and quarantine invalid-signature skills
- prevent quarantined skills from being included in the eligible skills snapshot/prompt
- add tests for unsigned, valid signature, tamper detection, and quarantine behavior

## Why

This adds immediate supply-chain hardening: signed skills verify locally, tampered skills are automatically disabled, and unsigned skills remain distinguishable for policy tightening in follow-up PRs.

## Tests

- `pnpm vitest run src/agents/skills/signature.test.ts src/agents/skills.buildworkspaceskillsnapshot.test.ts src/agents/skills.test.ts`
- `pnpm lint`

### Greptile Summary

Added Ed25519 signature verification for skills to improve supply-chain security. Skills without `skill.sig` are marked as unsigned, skills with invalid signatures are quarantined and excluded from the prompt, and signed skills verify their manifest locally.

**Key changes:**

- Implemented signature verification with Ed25519 in `signature.ts`
- Quarantine skills with invalid signatures (excluded from `shouldIncludeSkill`)
- Added `signature` field to `SkillEntry` type to track verification status
- Created comprehensive tests covering unsigned, valid, and tampered scenarios

**Implementation notes:**

- Manifest generation uses SHA-256 hashes of all files except `skill.sig` itself
- File paths in manifest are normalized to forward slashes for cross-platform consistency
- Verification uses Node.js `crypto` module with proper error handling
- Publisher and keyId metadata are optional fields preserved from signature envelope

### Confidence Score: 4/5

- This PR is safe to merge with minor observations
- The implementation is well-designed with proper cryptographic verification, comprehensive tests, and clear quarantine logic. The code follows repository conventions and includes appropriate error handling. Score reflects solid implementation with a few areas worth noting for completeness.
- No files require special attention

Last reviewed commit: 4a1f195
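
The verification flow described above (SHA-256 manifest that skips `skill.sig`, forward-slash paths, Ed25519 check, three outcomes), sketched as an added example that is not code from this PR or the project. The manifest line format, the JSON envelope layout, the status strings and the caller-supplied trusted public key are assumptions; the page does not show them.

```javascript
// Added illustration, not the PR's signature.ts. The manifest line format and
// the JSON envelope layout ({ signature, publisher?, keyId? }) are assumptions.
const crypto = require("node:crypto");

const SIG_FILE = "skill.sig";

// Canonical manifest: one "<sha256>  <path>" line per file, skill.sig excluded,
// paths normalized to forward slashes and sorted so every platform agrees.
function buildManifest(files) {
  return Object.entries(files)
    .map(([p, data]) => [p.replace(/\\/g, "/"), data])
    .filter(([p]) => p !== SIG_FILE)
    .sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
    .map(([p, data]) => `${crypto.createHash("sha256").update(data).digest("hex")}  ${p}`)
    .join("\n");
}

// Returns { status: "unsigned" | "verified" | "quarantined", publisher?, keyId? }.
function verifySkill(files, trustedPublicKey) {
  const raw = files[SIG_FILE];
  if (raw === undefined) return { status: "unsigned" };
  try {
    const env = JSON.parse(raw.toString("utf8"));
    const sig = Buffer.from(env.signature, "base64");
    // Ed25519 takes no separate digest, so the algorithm argument is null.
    const ok = crypto.verify(null, Buffer.from(buildManifest(files)), trustedPublicKey, sig);
    if (!ok) return { status: "quarantined" };
    return { status: "verified", publisher: env.publisher, keyId: env.keyId };
  } catch {
    return { status: "quarantined" }; // malformed envelope fails closed
  }
}

// Constructed sample: a throwaway key pair and a two-file skill held in memory.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const skill = { "SKILL.md": Buffer.from("# demo skill\n"), "scripts\\run.sh": Buffer.from("echo hi\n") };
  const unsigned = verifySkill(skill, publicKey).status;
  const signature = crypto.sign(null, Buffer.from(buildManifest(skill)), privateKey).toString("base64");
  const signed = { ...skill, [SIG_FILE]: Buffer.from(JSON.stringify({ signature, keyId: "demo-key" })) };
  const valid = verifySkill(signed, publicKey);
  const tampered = verifySkill({ ...signed, "SKILL.md": Buffer.from("# demo skill (edited)\n") }, publicKey);
  return { unsigned, valid, tampered: tampered.status };
}
```

A signature only proves the manifest matches the key that signed it, so the outcome is only as strong as the way `trustedPublicKey` is pinned by the caller.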
