Handle missing importFiles in Hatching Triage auto-enrichment payloads

[Copilot]

Auto-enrichment for Artifact observables could fail with No files found... when trigger-filtered jobs delivered an enrichment_entity without importFiles, even though manual enrichment worked.
This change makes Artifact processing resilient to that payload shape so connector behavior is consistent across manual and automatic triggers.

• Artifact file resolution fallback

  • When entity_type == artifact and importFiles is missing/empty in the incoming payload, the connector now reloads the observable from OpenCTI with withFiles=True using entity_id.
  • The enrichment flow then continues with the resolved file metadata instead of failing early.

• Defensive handling around reloaded payload/file metadata

  • Adds explicit diagnostics for:
    • reload responses with unexpected types
    • reload responses with missing/empty importFiles
    • payloads missing entity_id (reload cannot be attempted)
  • Adds a guard for missing importFiles[0].id with a clear error message before file download/submission.

• Scope of change

  • Keeps URL enrichment and existing happy-path Artifact behavior unchanged.
  • Applies only to the Hatching Triage Artifact ingestion path where the failure occurred.

import_files = observable.get("importFiles", [])
if not import_files and entity_id:
    observable_with_files = self.helper.api.stix_cyber_observable.read(
        id=entity_id, withFiles=True
    )
    if isinstance(observable_with_files, dict):
        import_files = observable_with_files.get("importFiles", [])
if not import_files:
    raise ValueError(f"No files found for {observable_value}")