feat: Phase 5 - Metrics and dashboard API (T-020)

- Add GET /metrics/summary endpoint with global coverage counts and percentage
- Add GET /metrics/by-tactic endpoint with per-tactic coverage breakdown
- Handle multi-tactic techniques (comma-separated) counting in each tactic
- Add CoverageSummary and TacticCoverage Pydantic schemas
- Update README with metrics endpoints and project structure

README.md

@@ -127,6 +127,12 @@ Once the backend is running, access the interactive API documentation at:
 | POST | `/api/v1/system/sync-mitre` | Admin | Manually trigger MITRE ATT&CK sync |
 | GET | `/api/v1/system/scheduler-status` | Admin | Background scheduler health & job list |
 
+### Metrics
+| Method | Route | Auth | Description |
+|--------|-------|------|-------------|
+| GET | `/api/v1/metrics/summary` | Authenticated | Global coverage summary (counts + percentage) |
+| GET | `/api/v1/metrics/by-tactic` | Authenticated | Coverage breakdown per MITRE tactic |
+
 ## Project Structure
 
 ```
@@ -166,7 +172,8 @@ Aegis/
 │       │   ├── techniques.py   # CRUD techniques (list, detail, create, update, review)
 │       │   ├── tests.py        # CRUD tests (create, detail, update, validate, reject)
 │       │   ├── evidence.py     # Upload evidence, presigned download
-│       │   └── system.py       # MITRE sync trigger, scheduler status
+│       │   ├── system.py       # MITRE sync trigger, scheduler status
+│       │   └── metrics.py      # Coverage summary & per-tactic breakdown
 │       ├── dependencies/       # FastAPI dependencies (DI)
 │       │   └── auth.py         # get_current_user, require_role, require_any_role
 │       ├── jobs/               # Background scheduled jobs