docs: remove audit-bundle-flavored docs from public repo

Three docs added in Bundle 4 + Bundle 5 closure commits (750478a, 596e675)
were framed around acquisition-diligence audit findings and don't belong
in the public-facing operator docs tree:

- docs/operator/scheduler-ha.md         (Bundle 4 D2 per-loop HA truth table)
- docs/operator/rate-limit-scope.md     (Bundle 4 D3 scope statement)
- docs/operator/security-bundle-5-audit-closure.md  (Bundle 5 closure receipt)

Audit-bundle artifacts live in the operator's local cowork/ scratchpad,
not in docs/. The underlying code closures (advisory-lock migrations,
SSRF-guarded notifier transports, break-glass login limiter, MCP gating,
etc.) stand — only the audit-framed documentation surface is removed.

docs/README.md: drop the two table rows that pointed at the now-deleted
scheduler-ha.md + rate-limit-scope.md (added in 750478a, lines 77-78).

docs/README.md

@@ -74,8 +74,6 @@ You're running certctl in production and need operational guidance.
 | [Helm deployment](operator/helm-deployment.md) | Kubernetes installation via the bundled chart |
 | [Performance baselines](operator/performance-baselines.md) | Operator-runnable benchmarks for regression spot checks |
 | [Auth benchmarks](operator/auth-benchmarks.md) | Session + OIDC validation p99 targets and measured baselines |
-| [Scheduler HA semantics](operator/scheduler-ha.md) | Per-loop HA truth table for the 15 scheduler loops; what duplicates on multi-replica |
-| [Rate-limit scope](operator/rate-limit-scope.md) | Process-local vs cluster-wide rate-limit behavior, restart semantics, multi-replica mental math |
 | [Legacy clients (TLS 1.2)](operator/legacy-clients-tls-1.2.md) | Reverse-proxy runbook for embedded EST/SCEP clients on TLS 1.2 |
 
 ### Runbooks