docs(mnemosyne): update Phase 3 status to implemented

Mark per-turn JWT access control as implemented in the Mnemosyne
integration docs. Update Phase 2/3 status tables, replace deferred
language with concrete implementation details, and document the
`MCPSigningKey` model, `resolve_mcp_jwt`, and `_scope_from_claims`
components now live in the MCP server.

mnemosyne/mcp_server/admin.py

@@ -1,6 +1,6 @@
 from django.contrib import admin
 
-from .models import MCPToken
+from .models import MCPSigningKey, MCPToken
 
 
 @admin.register(MCPToken)
@@ -36,3 +36,12 @@ class MCPTokenAdmin(admin.ModelAdmin):
         # so the plaintext can be surfaced to the user. Adding via admin
         # would persist a hash with no plaintext ever shown.
         return False
+
+
+@admin.register(MCPSigningKey)
+class MCPSigningKeyAdmin(admin.ModelAdmin):
+    list_display = ["kid", "is_active", "created_at", "retired_at", "note"]
+    list_filter = ["is_active"]
+    search_fields = ["kid", "note"]
+    readonly_fields = ["created_at", "retired_at"]
+    fields = ["kid", "secret_hex", "is_active", "note", "created_at", "retired_at"]