fix(cli): preserve full per-skill JSON payload in recursive scans (#228)

[rodboev]

Summary

skillspector scan --recursive --format json currently reduces each successful skills[] entry to a summary row and drops the full per-skill report contract that single-skill JSON already exposes. This preserves the recursive JSON contract for integrations by embedding the full per-skill payload while keeping the existing summary keys.

Closes #228

Root cause

_scan_multi_skill() already has the full graph result for each skill, including the rendered JSON report_body. The recursive JSON writer rebuilds each skills[] entry from only name, path, risk_score, risk_severity, and finding_count, so the richer per-skill JSON document is discarded before the combined file is written.

Diff Notes

• Add a small private helper in src/skillspector/cli.py that parses successful per-skill JSON report_body values.
• Reuse that payload in the recursive JSON writer and merge it into each successful skills[] entry while retaining the compatibility summary keys.
• Keep per-skill error entries unchanged.
• Add focused CLI regression coverage for recursive JSON fidelity, single-skill preservation, and non-JSON recursive negative space.

Scope

This stays on the CLI/report-contract boundary. It does not change analyzers, report-node schema, SARIF output, structured-skill discovery, baseline threading, provider behavior, or non-JSON recursive output.

Verification

• ./.venv/Scripts/python.exe -m pytest tests/unit/test_cli.py tests/test_multi_skill.py (22 passed, 1 warning)
• uv run ruff check src/ tests/
• uv run ruff format --check src/ tests/