feat(config-audit): HKV flags verbose hook output (v5 M5) [skip-docs]

Static heuristic — counts console.log / process.stdout.write lines per
referenced hook script. > 50 → low CA-HKV-NNN finding.

New fixtures:
- hooks-verbose/ (61 verbose lines → triggers)
- hooks-quiet/ (5 lines → no finding)

580 → 582 tests, all green.

plugins/config-audit/tests/fixtures/hooks-quiet/hooks/hooks.json

@@ -0,0 +1,7 @@
+{
+  "hooks": {
+    "PreToolUse": [
+      { "matcher": "Bash", "hooks": [{ "type": "command", "command": "node ./scripts/quiet.mjs", "timeout": 5000 }] }
+    ]
+  }
+}