feat(runtime): harden daily pipeline audit and verification

Tighten real-ingestion success rules, separate scheduled reports from historical rebuilds, and persist source-level runtime audit across daily pipeline runs.

Also add the Phase 5 CI workflow contract plus verification updates and supporting docs so the full uncommitted change set can be validated together.

scripts/fetch_multi_source_test.go

@@ -90,6 +90,49 @@ func TestRunCollectorDryRunSkipsDatabaseWrite(t *testing.T) {
 	if !bytes.Contains(out.Bytes(), []byte("currencies=CNY:2,USD:1")) {
 		t.Fatalf("expected currency summary, got %q", output)
 	}
+	if !bytes.Contains(out.Bytes(), []byte("selected_source_keys=moonshot,openai")) {
+		t.Fatalf("expected selected source keys in summary, got %q", output)
+	}
+	if !bytes.Contains(out.Bytes(), []byte("successful_source_keys=moonshot,openai")) {
+		t.Fatalf("expected successful source keys in summary, got %q", output)
+	}
+	if !bytes.Contains(out.Bytes(), []byte("failed_source_keys=none")) {
+		t.Fatalf("expected failed source keys in summary, got %q", output)
+	}
+}
+
+func TestRunCollectorReportsFailedSourceKeys(t *testing.T) {
+	cfg := runConfig{DryRun: true}
+	var out bytes.Buffer
+
+	err := runCollector(
+		cfg,
+		[]DataSource{
+			fakeSource{
+				name: "Moonshot",
+				prices: []ModelPricing{
+					{ModelID: "kimi-k2.6", ProviderCountry: "CN", Currency: "CNY"},
+				},
+			},
+			fakeSource{
+				name: "OpenAI",
+				err:  bytes.ErrTooLarge,
+			},
+		},
+		nil,
+		&out,
+	)
+	if err != nil {
+		t.Fatalf("runCollector returned error: %v", err)
+	}
+
+	output := out.String()
+	if !bytes.Contains(out.Bytes(), []byte("successful_source_keys=moonshot")) {
+		t.Fatalf("expected successful source keys in summary, got %q", output)
+	}
+	if !bytes.Contains(out.Bytes(), []byte("failed_source_keys=openai")) {
+		t.Fatalf("expected failed source keys in summary, got %q", output)
+	}
 }
 
 func TestPricingMetadataClassifiesSourceType(t *testing.T) {