Ship [SUBSTRATE-ABORT] namespace prefix to stop Phase 3.5 false-recovery on legitimate substrate aborts (3rd pattern)

Ship [SUBSTRATE-ABORT] namespace prefix in bin/spawn-guard.sh + bin/lease-renew.sh::_p35_check_task to stop Phase 3.5 false-recovering on legitimate substrate-side aborts. CARRY-FORWARD from 2026-06-16 reflection (memory/2026-06-16.md). 3rd distinct pattern bitten Mon 2026-06-15: allowlist-empty-abandoned-with-fallback. Prior patterns: phantom-claim (2026-06-11) and allowlist-empty-abort (2026-06-14). Original deferral was per anti-bleed Monday rule. Tuesday is the ship day per "If a 4th pattern hits before ship, ship inline regardless of anti-bleed" + reflection note "now overdue." Implementation: 1. Define stable prefix [SUBSTRATE-ABORT] for sub-agent abort messages so Phase 3.5 substantive-event heuristic can exclude them by namespace, not just length/content. 2. Update bin/spawn-guard.sh::release_spawn to optionally write events with [SUBSTRATE-ABORT] prefix when the outcome is "aborted - <substrate-side reason>" (allowlist gap, sandbox unavailable, runtime missing, etc.). 3. Update bin/lease-renew.sh::_p35_check_task to skip subagent_completed events whose message starts with [SUBSTRATE-ABORT]. 4. Ship tests covering: (a) phantom-claim still false-recovered correctly NO (excluded by prefix), (b) real completion still substantive YES, (c) legitimate substrate-side abort excluded NO. Acceptance: Phase 3.5 no longer false-recovers tasks that were aborted by the substrate, and the heuristic now uses a stable namespace not a fragile length/content test. Priority: 2.