
refactor(sig-events): rename verdict to status, simplify triage workflow#272036

Draft
crespocarlos wants to merge 13 commits into elastic:main from crespocarlos:1279-remove-verdicts-from-workflow

Conversation

@crespocarlos
Contributor

Summary

Removes verdict terminology from the sig_events managed workflows and agent instructions, and simplifies triage.yaml to the append-only events model.

Workflow changes (primary):

  • triage.yaml: removes .significant_events-verdicts index reference; deletes 4 dead existence-check steps (check_existing_event_doc, check_latest_verdict_doc, compute_changes, compute_write_gates) — unnecessary now that events is append-only; renames all VERDICT_* constants → STATUS_*, step names (store_verdicts → store_significant_events, etc.), and output key (verdicts → significant_events); adds audit fields to the event write body; removes write_verdict_doc
  • discovery.yaml: verdict → status in all field references and filters
  • judge.md.text / investigator.md.text: output field names, schema table, and evaluation guidance updated

TypeScript cascade (resolves TODOs left by #271626):

  • sigEventSchema: verdict → status; verdict_summary → analysis_summary; verdict_id removed; audit fields added; data stream version bumped 4 → 5
  • Server filter, route query param, UI components, and hook all renamed accordingly

Depends on #271626 — must merge first; this PR should be rebased on main after that merges.

Checklist

  • Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
  • Documentation was added for features that require explanation or tutorials
  • Unit or functional tests were updated or added to match the most common scenarios
  • If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
  • This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
  • Flaky Test Runner was used on any tests changed
  • The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines
  • Review the backport guidelines and apply applicable backport:* labels.

Identify risks

  • ES mapping rename (verdict → status): existing rollover indices retain verdict; new indices use status. First triage cycle after deploy re-evaluates all pre-migration discoveries (one-time burst — expected, no data loss).
  • Merge order: if this lands before [SigEvents][Discovery] Remove Verdicts tab #271626, lifecycle_timeline.tsx silently drops verdict entries. Merge order matters.

🤖 Co-authored with AI assistance.

Made with Cursor
