docs: validate extraction-pipeline plan against MN-law research

Applies the same MN-law validation pass to PLAN_med_mal_extraction_pipeline.md
that just landed on PLAN_med_mal_templates.md, surfacing ten substantive
deltas plus an architectural tension between the event log and tabular review
schemas. Net effect: the multi-day Phase 2 build no longer inherits the
breach-only red-flag bias or the missing MN-specific privacy/work-product
defenses that the original plan carried.

Schema changes (folded into the inline SQL):
- document_events gains provider_role (Plutshack role-specific SOC),
  episode_of_care (chronology clustering), privacy_class (§ 144.293 /
  § 145.64 / 42 CFR Part 2 segregation), and key_date_role (feeds Phase 4
  key_dates jsonb deadline-tracking widget). medications jsonb shape
  expanded with ordered_at / administered_at / allergy_conflict_flag /
  weight_based_dose_check_passed for the Mulder rule (Reinhardt).
- document_red_flags gains supports_element (Plutshack/Smith 4-cut) and
  awaits_expert_affidavit (closes loop with § 145.682(4)(a) checklist).
- RLS clause added to filter peer_review_145_64 rows from default queries.

Red-flag library rebalanced from 5 breach-only rules to 6 rules tagged
across the duty/breach/causation framework, including a new
temporal_anchor_causation rule that surfaces tight temporal anchors without
asserting causation (Plutshack/Smith still require expert testimony).

§Defenses expanded with four MN-specific policies:
- § 145.64 peer-review hard-refuse: extraction halts entirely on
  peer-review-marked documents; no events written. This is the strictest
  policy in the codebase.
- § 144.293 mental-health redaction-by-default until project-level toggle
  confirms the heightened authorization is on file.
- Rule 408 settlement-comms caveat: extracted but narrative prefixed with
  [Rule 408 - inadmissible to prove liability].
- Rule 26(b)(3) work-product opt-out: consulting-expert notes NOT extracted
  by default; project-level opt-in only.

§Out of scope grew with two permanent architectural separations:
- Causation-chain reasoning reserved for builtin-causation-chain tabular
  review (Plutshack/Smith expert testimony requirement; Dickhoff
  loss-of-chance fact-intensity).
- Provider-defendant entity resolution reserved for
  builtin-provider-defendant-map (Popovich two-factor test requires
  outside-the-record evidence - Rock v. Abdullah reliance-element limit).

Adds a Plan deltas appendix and Cited authority section mirroring the
research doc's format so future revisions can re-check against the same
source set. PDF re-rendered via reconstructed /tmp/jenn-mike/md_to_pdf.py
(markdown + weasyprint).