Governor: Let's make vibe coding safe

Turning internal security docs into executable checks is the smartest move here — the README promises a docs-to-checks extractor plus a hybrid 'engine: rule' and 'engine: ai' model so you can keep deterministic guards alongside LLM-powered analysis. The isolated staging workspace, file/byte limits, and machine-readable artifacts (MD/JSON/HTML) show this is designed for real intake pipelines, though the repo's blunt disclaimer about LLM fallibility is a necessary reminder to validate findings.