Interop batch (from multi-agent web research; verified absent). Full layers + tests + EN/Zh v56 docs + README.

Feature (utils/sarif, pure-stdlib json+hashlib)

• to_sarif / write_sarif: build a SARIF 2.1.0 document from normalized findings ({rule_id, level, message, file?, line?}) — auto rule catalog + stable partialFingerprints for cross-run dedupe — so action-lint / secrets-scan / WCAG-audit / guardrail results land in GitHub/Azure DevOps code scanning as line-anchored alerts. make_finding builder; from_lint_issues (index/severity/code/message) and from_audit_findings (sc/criterion/kind/severity) adapt existing producers. Severity → SARIF error/warning/note.
• Executor AC_export_sarif (findings list or JSON string, optional path/tool_name); MCP ac_export_sarif; Builder under Report.

Verification

• 11 tests pass (document shape, no-location, fingerprint stable/distinct, explicit rules, from_lint + negative-index, from_audit, write_sarif, executor round-trip, wiring, facade); ruff clean; radon no CC≥C; bandit clean; PySide6-free.