v0.7.2: Merkle provenance audit + RCE flake fix — TDD

audit-node exposes memory-object lineage (type, hash, scope, version).
/audit <node-id> TUI command. /audit verify deferred.

Fixed RCE test flake: assemble-config-section used getf on
non-plist cascade entries. Wrapped in handler-case. Also fixed
~/ format directive escape. Core reason: 35/35. Core: 81/81.

lisp/channel-tui-main.lisp

@@ -148,6 +148,18 @@
                      (when (fboundp 'load-identity-file)
                        (funcall 'load-identity-file))
                      (add-msg :system "Identity reloaded")))
+                  ;; /audit command — Merkle provenance
+                  ((and (>= (length text) 7) (string-equal (subseq text 0 7) "/audit "))
+                   (if (fboundp 'audit-node)
+                       (let* ((node-id (string-trim '(#\Space) (subseq text 7)))
+                              (info (funcall 'audit-node node-id)))
+                         (if info
+                             (add-msg :system (format nil "Node ~a: type=~a scope=~a hash=~a"
+                                                     (getf info :id) (getf info :type)
+                                                     (getf info :scope)
+                                                     (subseq (or (getf info :hash) "(none)") 0 16)))
+                             (add-msg :system (format nil "Node ~a not found" node-id))))
+                       (add-msg :system "Memory audit not available")))
                   ((string-equal text "/help")
                    (add-msg :system
                     "/focus <proj>  Set project context")