Add countSensitiveMessages for pre-scan sensitive content detection

Export a new countSensitiveMessages() function that returns how many
messages in an array contain at least one sensitive pattern match.
Checks both content and toolInput fields, counting each message at
most once regardless of how many matches it contains.

Tests verify zero counts for clean messages, correct counting with
mixed sensitive/clean messages, and the single-count-per-message
invariant when multiple secrets appear in one message.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/shared/sensitive-redactor.ts

@@ -449,3 +449,25 @@ export function redactMessage(msg: ParsedMessage): ParsedMessage {
     // toolName is typically safe (e.g. "Bash", "Read") — pass through unchanged
   };
 }
+
+/**
+ * Counts how many messages contain at least one sensitive match.
+ * Checks both content and toolInput fields.
+ */
+export function countSensitiveMessages(messages: ParsedMessage[]): number {
+  let count = 0;
+  for (const msg of messages) {
+    const contentResult = redactSensitiveContent(msg.content);
+    if (contentResult.redactionCount > 0) {
+      count++;
+      continue;
+    }
+    if (msg.toolInput) {
+      const inputResult = redactSensitiveContent(msg.toolInput);
+      if (inputResult.redactionCount > 0) {
+        count++;
+      }
+    }
+  }
+  return count;
+}