fix(ci): resolve 9 remaining staticcheck issues

- SA5011: use t.Fatal instead of t.Error before nil pointer access in
  verification handler tests (stops test execution on nil)
- SA4006: replace unused lvalues with _ in repo_test.go and team_test.go
- ST1020: fix comment format on ListViolations to match method name

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

internal/api/handler/verification_handler_test.go

@@ -66,7 +66,7 @@ func TestVerifyDeployment_Success(t *testing.T) {
 	// Verify result was recorded
 	result := mockSvc.results["j-test1"]
 	if result == nil {
-		t.Error("expected verification result to be recorded")
+		t.Fatal("expected verification result to be recorded")
 	}
 	if !result.Verified {
 		t.Error("expected Verified to be true")
@@ -98,7 +98,7 @@ func TestVerifyDeployment_FingerPrintMismatch(t *testing.T) {
 
 	result := mockSvc.results["j-test2"]
 	if result == nil {
-		t.Error("expected verification result to be recorded")
+		t.Fatal("expected verification result to be recorded")
 	}
 	if result.Verified {
 		t.Error("expected Verified to be false")

internal/repository/postgres/repo_test.go

@@ -212,7 +212,7 @@ func TestCertificateRepository_List_Filtering(t *testing.T) {
 	}
 
 	// Filter by environment
-	certs, total, err = repo.List(ctx, &repository.CertificateFilter{Environment: "production"})
+	_, total, err = repo.List(ctx, &repository.CertificateFilter{Environment: "production"})
 	if err != nil {
 		t.Fatalf("List with env filter failed: %v", err)
 	}
@@ -1102,7 +1102,7 @@ func TestDiscoveryRepository_ScanCRUD(t *testing.T) {
 	}
 
 	// ListScans with empty agent (all)
-	scans, total, err = repo.ListScans(ctx, "", 1, 10)
+	_, total, err = repo.ListScans(ctx, "", 1, 10)
 	if err != nil {
 		t.Fatalf("ListScans all failed: %v", err)
 	}
@@ -1188,7 +1188,7 @@ func TestDiscoveryRepository_DiscoveredCertCRUD(t *testing.T) {
 	}
 
 	// ListDiscovered
-	certs, total, err := repo.ListDiscovered(ctx, &repository.DiscoveryFilter{Page: 1, PerPage: 10})
+	_, total, err := repo.ListDiscovered(ctx, &repository.DiscoveryFilter{Page: 1, PerPage: 10})
 	if err != nil {
 		t.Fatalf("ListDiscovered failed: %v", err)
 	}

internal/service/policy.go

@@ -299,7 +299,7 @@ func (s *PolicyService) DeletePolicy(id string) error {
 	return s.policyRepo.DeleteRule(context.Background(), id)
 }
 
-// ListViolationsHandler returns policy violations with pagination (handler interface method).
+// ListViolations returns policy violations with pagination (handler interface method).
 func (s *PolicyService) ListViolations(policyID string, page, perPage int) ([]domain.PolicyViolation, int64, error) {
 	if page < 1 {
 		page = 1

internal/service/team_test.go

@@ -136,7 +136,7 @@ func TestTeamService_List_DefaultPagination(t *testing.T) {
 	}
 
 	// Test perPage < 1 defaults to 50
-	teams, total, err = teamService.List(ctx, 1, 0)
+	teams, _, err = teamService.List(ctx, 1, 0)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}