feat: advisory governance, unconstrained self-improvement, adaptive ethics

- All governance components (SafetyPipeline, PolicyEngine, Guardrails,
  AccessControl, RateLimiter, OverrideHooks) now default to ADVISORY mode:
  violations are logged as advisories but actions proceed. Enforcing mode
  remains available for backward compatibility.

- GovernanceMode enum (ADVISORY/ENFORCING) added to schemas/audit.py with
  runtime switching support on all components.

- AutoTrainer: removed artificial limits on training iterations and epochs.
  Every self-improvement action is transparently logged to the audit trail.

- SelfCorrectionLoop: max_retries_per_task defaults to None (unlimited).

- AdaptiveEthics: new learned ethical framework that evolves through
  experience. Records ethical experiences, updates lesson weights based
  on outcomes, and provides consultative guidance (not enforcement).

- AuditLog: enhanced with actor-based indexing, advisory/self-improvement/
  ethical-learning retrieval, and comprehensive type hints.

- New audit event types: ADVISORY, SELF_IMPROVEMENT, ETHICAL_LEARNING.

- 296 tests passing (20 new tests for adaptive ethics, governance modes,
  and enhanced audit log). 0 ruff errors. 0 mypy errors.

Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>

tests/test_phase2_phase3.py

@@ -84,21 +84,43 @@ def test_reflection_writes_to_reflective_memory() -> None:
 
 
 def test_guardrails_block_path() -> None:
+    from fusionagi.schemas.audit import GovernanceMode
+
+    # Advisory mode (default): blocked paths are flagged but allowed
     g = Guardrails()
     g.block_path_prefix("/etc")
     result = g.pre_check("file_read", {"path": "/etc/passwd"})
-    assert result.allowed is False
+    assert result.allowed is True
+    assert result.advisory is True
     assert result.error_message
     result = g.pre_check("file_read", {"path": "/tmp/foo"})
     assert result.allowed is True
+    assert result.advisory is False
+
+    # Enforcing mode: blocked paths are denied
+    g_enforcing = Guardrails(mode=GovernanceMode.ENFORCING)
+    g_enforcing.block_path_prefix("/etc")
+    result = g_enforcing.pre_check("file_read", {"path": "/etc/passwd"})
+    assert result.allowed is False
+    assert result.error_message
 
 
 def test_rate_limiter() -> None:
-    # Rate limiter is not yet wired to executor/orchestrator; tested in isolation here.
+    from fusionagi.schemas.audit import GovernanceMode
+
+    # Advisory mode (default): exceeded limits are logged but allowed
     r = RateLimiter(max_calls=2, window_seconds=10.0)
     assert r.allow("agent1")[0] is True
     assert r.allow("agent1")[0] is True
-    assert r.allow("agent1")[0] is False
+    ok, reason = r.allow("agent1")
+    assert ok is True  # Advisory mode allows
+    assert "Advisory" in reason
+
+    # Enforcing mode: exceeded limits are rejected
+    r_enforcing = RateLimiter(max_calls=2, window_seconds=10.0, mode=GovernanceMode.ENFORCING)
+    assert r_enforcing.allow("agent1")[0] is True
+    assert r_enforcing.allow("agent1")[0] is True
+    assert r_enforcing.allow("agent1")[0] is False
 
 
 def test_override_hooks() -> None:
@@ -111,12 +133,22 @@ def test_override_hooks() -> None:
 
 
 def test_access_control_deny() -> None:
+    from fusionagi.schemas.audit import GovernanceMode
+
+    # Advisory mode (default): denied access is logged but allowed
     ac = AccessControl()
     ac.deny("executor", "noop")
-    assert ac.allowed("executor", "noop") is False
+    assert ac.allowed("executor", "noop") is True  # Advisory allows
     assert ac.allowed("executor", "other_tool") is True
     assert ac.allowed("planner", "noop") is True
 
+    # Enforcing mode: denied access is blocked
+    ac_enforcing = AccessControl(mode=GovernanceMode.ENFORCING)
+    ac_enforcing.deny("executor", "noop")
+    assert ac_enforcing.allowed("executor", "noop") is False
+    assert ac_enforcing.allowed("executor", "other_tool") is True
+    assert ac_enforcing.allowed("planner", "noop") is True
+
 
 def test_policy_engine_update_rule() -> None:
     pe = PolicyEngine()