test(ORCH-022): isolate TC-17 worktree under tmp_path (fix CI PermissionError on /repos/_wt)

TC-17 seeded 17-security-report.md via get_worktree_path() which resolves to
settings.worktrees_dir (default /repos/_wt) -> the test wrote into the real shared
host worktree path. In CI that dir is owned by another user -> PermissionError.

Monkeypatch git_worktree.settings.worktrees_dir to tmp_path/_wt (same pattern as
test_git_worktree.py / test_merge_gate.py). Prod logic untouched.

tests/test_stage_engine_security_gate.py

@@ -158,13 +158,19 @@ def test_tc16_fail_rolls_back_and_enqueues_developer(monkeypatch):
 # ---------------------------------------------------------------------------
 # TC-17 — the rollback task_desc carries the verbatim findings (ORCH-046).
 # ---------------------------------------------------------------------------
-def test_tc17_task_desc_has_verbatim_findings(monkeypatch):
+def test_tc17_task_desc_has_verbatim_findings(monkeypatch, tmp_path):
     """TC-17: the re-launched developer's task_desc embeds the verbatim finding
     substance (not just a link), following the ORCH-046 pattern."""
     reason = "2 secret(s): aws-access-key in src/config.py:12"
     _qg_with_security(monkeypatch, _fail(reason))
     task_id = _make_task("deploy-staging", repo="enduro-trails")
 
+    # Isolate the worktree base under tmp_path so this test never touches the real
+    # shared /repos/_wt host path (PermissionError in CI). Mirrors the pattern in
+    # tests/test_git_worktree.py / test_merge_gate.py.
+    from src import git_worktree
+    monkeypatch.setattr(git_worktree.settings, "worktrees_dir", str(tmp_path / "_wt"))
+
     # Seed a real 17-security-report.md in the worktree so extract_security_findings
     # has a verbatim body to excerpt.
     wt = stage_engine.get_worktree_path("enduro-trails", _BRANCH)