feat(engine,ui): unify detection in rules engine, add function rules & per-script matches; improve scripts table UX

Core changes
- Centralize detection in the Rules Engine; browser.py now focuses on fetch/extract/persist.
- Add class-based adapters:
  - FactAdapter: converts snippets → structured facts.
  - FunctionRuleAdapter: wraps dict-based rule functions for engine input (str or dict).
- Register function rules (code-based) alongside YAML rules:
  - form_action_missing
  - form_http_on_https_page
  - form_submits_to_different_host
  - script_src_uses_data_or_blob
  - script_src_has_dangerous_extension
  - script_third_party_host

Rules & YAML
- Expand/normalize YAML rules with severities + tags; tighten patterns.
- Add new regex rules: new_function_usage, unescape_usage, string_timer_usage, long_hex_constants.
- Move iframe rule to `text` category.
- Keep existing script/form/text rules; all compile under IGNORECASE.

Browser / analysis refactor
- browser.py:
  - Remove inline heuristics; rely on engine for PASS/FAIL, reason, severity, tags.
  - Build page-level overview (`rule_checks`) across categories.
  - Analyze forms: add `base_url` + `base_hostname` to snippet so function rules can evaluate; include per-form rule_checks.
  - Analyze scripts: **per-script evaluation**:
    - Inline -> run regex script rules on inline text.
    - External -> run function script rules with a facts dict (src/src_hostname/base_url/base_hostname).
    - Only include scripts that matched ≥1 rule; attach severity/tags to matches.
  - Persist single source of truth: `/data/<uuid>/results.json`.
  - Backward-compat: `fetch_page_artifacts(..., engine=...)` kwarg accepted/ignored.

UI/UX
- Suspicious Scripts table now shows only matched scripts.
- Add severity badges and tag chips; tooltips show rule description.
- Prevent table blowouts:
  - Fixed layout + ellipsis + wrapping helpers (`.scripts-table`, `.breakable`, `details pre.code`).
  - Shortened inline snippet preview (configurable).
- Minor template niceties (e.g., rel="noopener" on external links where applicable).

Config
- Add `ui.snippet_preview_len` to settings.yaml; default 160.
- Load into `app.config["SNIPPET_PREVIEW_LEN"]` and use in `analyze_scripts`.

Init / wiring
- Import and register function rules as `Rule(...)` objects (not dicts).
- Hook Rules Engine to Flask logger for verbose/diagnostic output.
- Log totals on startup; keep YAML path override via `SNEAKYSCOPE_RULES_FILE`.

Bug fixes
- Fix boot crash: pass `Rule` instances to `engine.add_rule()` instead of dicts.
- Fix “N/A” in scripts table by actually computing per-script matches.
- Ensure form rules fire by including `base_url`/`base_hostname` in form snippets.

Roadmap
- Update roadmap to reflect completed items:
  - “Show each check and whether it triggered (pass/fail list per rule)”
  - Severity levels + tags in Suspicious Scripts
  - Results.json as route source of truth
  - Scripts table UX (badges, tooltips, layout fix)

app/static/style.css

@@ -286,3 +286,67 @@ details ul, details p {
 .scripts-table td small {
   opacity: 0.85;
 }
+/* keep the table from exploding */
+.scripts-table {
+  table-layout: fixed;
+  width: 100%;
+}
+
+/* columns: Type | Source URL | Snippet | Matches */
+.scripts-table th:nth-child(1) { width: 8rem; }
+.scripts-table th:nth-child(2) { width: 32rem; }   /* tweak as you like */
+.scripts-table th:nth-child(3) { width: 24rem; }
+.scripts-table th:nth-child(4) { width: auto; }
+
+/* ellipsize the table cells by default */
+.scripts-table td, .scripts-table th {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
+/* let URLs/snippets wrap *inside* their cell when expanded content shows */
+.breakable {
+  white-space: normal;
+  overflow-wrap: anywhere;
+  word-break: break-word;
+}
+
+/* when user opens <details>, keep code readable without blowing layout */
+details pre.code {
+  white-space: pre-wrap;
+  word-break: break-word;
+  max-height: 18rem;
+  overflow: auto;
+}
+
+/* Generic badge */
+.badge {
+  display: inline-block;
+  padding: 0.1rem 0.4rem;
+  margin-left: 0.35rem;
+  border-radius: 0.4rem;
+  font-size: 0.75rem;
+  line-height: 1;
+  vertical-align: middle;
+  user-select: none;
+}
+
+/* Severity colors */
+.sev-high   { background: #fdecea; color: #b71c1c; border: 1px solid #f5c6c4; }
+.sev-medium { background: #fff8e1; color: #8a6d3b; border: 1px solid #ffe0a3; }
+.sev-low    { background: #e8f5e9; color: #1b5e20; border: 1px solid #b9e6be; }
+
+/* Tag chips */
+.chip {
+  display: inline-block;
+  padding: 0.1rem 0.35rem;
+  margin-left: 0.25rem;
+  border-radius: 999px;
+  font-size: 0.7rem;
+  line-height: 1;
+  background: #eef2f7;
+  color: #425466;
+  border: 1px solid #d9e2ec;
+}
+