
Add AWS organization coverage fixtures #2144

Open
DENGXUELIN wants to merge 1 commit into UnitOneAI:main from DENGXUELIN:improve/aws-org-coverage-fixtures-1358

Conversation

@DENGXUELIN


/claim #1358

What changed

Adds fixture-backed AWS Organizations coverage evidence gates to aws-review.

  • Adds AWS-ORG-COV-01 through AWS-ORG-COV-08 for account inventory, OU/SCP attachments, organization CloudTrail, Config aggregator, delegated security services, Control Tower / landing-zone drift, exception / break-glass accounts, and explicit organization-scope decisions.
  • Adds organization coverage severity guidance and an Organization Coverage Evidence output table.
  • Adds common pitfalls for treating one account as the organization and assuming delegated admin means full coverage.
  • Adds benign/vulnerable JSON fixtures for fresh organization-wide evidence versus a single account export incorrectly claimed as organization coverage.

Why this PR

Existing PR #1360 is a useful Markdown edge-case implementation. This PR is intentionally structured-evidence-fixture-backed so future checks can distinguish organization-wide evidence from single-account or partial delegated-admin exports.

Validation

  • git diff --check origin/main...HEAD
  • git merge-tree --write-tree origin/main HEAD
  • JSON parse check for both added fixtures
  • Markdown fence balance for aws-review/SKILL.md
  • Marker checks for version: "1.0.1", AWS Organizations Coverage Evidence, AWS-ORG-COV-01 through AWS-ORG-COV-08, Organization Coverage Evidence, Scope decision, Treating one account as the organization, and Assuming delegated admin means full coverage
  • Fixture marker checks for expected_skill_decision, organization_evidence, account_inventory, scp_attachment_map, organization_trail, config_aggregator, delegated_admin_services, and exception_register
  • Added-line ASCII scan
  • Added-line sensitive/public-contact pattern scan
  • Remote compare verification before PR creation

Bounty tier

Requesting Improver Moderate ($100) if accepted. This adds structured local fixtures in addition to the organization-wide guardrail evidence guidance requested by the issue.
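As an added illustration of the distinction this PR's fixtures are meant to exercise (organization-wide evidence versus a single-account export claimed as organization coverage), here is a small Python check over two constructed fixtures. This is example code written for this page, not code from the PR or the aws-review skill; the fixture field shapes under `organization_evidence` are assumed, only the key names come from the PR description.

```python
import json

# Constructed fixtures (assumed shape, not the PR's own schema): keys match the
# marker names the PR lists; values are illustrative.
ORG_WIDE = json.loads("""{
 "expected_skill_decision": "organization_coverage",
 "organization_evidence": {
  "account_inventory": ["111111111111", "222222222222", "333333333333"],
  "scp_attachment_map": {"ou-root": ["111111111111", "222222222222", "333333333333"]},
  "organization_trail": {"is_organization_trail": true},
  "config_aggregator": {"organization_aggregation": true},
  "delegated_admin_services": {"guardduty": {"member_accounts":
      ["111111111111", "222222222222", "333333333333"]}},
  "exception_register": ["333333333333"]}}""")
SINGLE_ACCOUNT = json.loads("""{
 "expected_skill_decision": "not_organization_coverage",
 "organization_evidence": {
  "account_inventory": ["111111111111"],
  "scp_attachment_map": {},
  "organization_trail": {"is_organization_trail": false},
  "config_aggregator": {"organization_aggregation": false},
  "delegated_admin_services": {"guardduty": {"member_accounts": ["111111111111"]}},
  "exception_register": []}}""")

def coverage_gaps(evidence: dict) -> list[str]:
    """Reasons the evidence fails to prove organization-wide coverage; empty means it holds."""
    accounts = set(evidence.get("account_inventory", []))
    gaps = []
    if len(accounts) < 2:
        gaps.append("inventory holds a single account: an account export, not an organization")
    mapped = {a for targets in evidence.get("scp_attachment_map", {}).values() for a in targets}
    if accounts - mapped:
        gaps.append(f"{len(accounts - mapped)} account(s) under no OU/SCP attachment")
    if not evidence.get("organization_trail", {}).get("is_organization_trail"):
        gaps.append("CloudTrail is not an organization trail")
    if not evidence.get("config_aggregator", {}).get("organization_aggregation"):
        gaps.append("Config aggregator is not organization-scoped")
    for svc, info in evidence.get("delegated_admin_services", {}).items():
        missing = accounts - set(info.get("member_accounts", []))
        if missing:  # delegated admin alone does not mean every member account is enrolled
            gaps.append(f"{svc}: {len(missing)} account(s) not enrolled despite delegated admin")
    for acct in evidence.get("exception_register", []):
        if acct not in accounts:  # break-glass accounts must still appear in the inventory
            gaps.append(f"exception account {acct} absent from inventory")
    return gaps

def skill_decision(fixture: dict) -> str:
    gaps = coverage_gaps(fixture["organization_evidence"])
    return "organization_coverage" if not gaps else "not_organization_coverage"

def fixture_agrees(fixture: dict) -> bool:
    """True when the check reproduces the fixture's expected_skill_decision."""
    return skill_decision(fixture) == fixture["expected_skill_decision"]
```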
