kosli-dev/cli

AI Summary: This issue proposes adding a new test to ensure the `kosli fingerprint --artifact-type=oci` command adheres to a clean output contract, where stdout contains the fingerprint and stderr is empty. This is necessary because the OCI fingerprinting logic is distinct and could introduce unexpected output, potentially masking regressions.

AI Summary: Debug and fix a bug in the Kosli CLI where the `kosli assert artifact` command returns a localhost URL instead of the expected app.kosli.com URL when reporting compliance events. This involves investigating why the correct Kosli instance URL isn't being used and correcting the code to ensure it uses the production URL.