Body contains Unicode tag characters (U+E00xx) — ASCII smuggling / prompt injection

The email body contains Unicode "tag characters" (U+E0020..U+E007E, plus the U+E007F CANCEL TAG terminator) — invisible-to-humans codepoints in the Supplementary Private Use Area that encode the printable ASCII range. These were originally intended for language tagging in plain text, but RFC 6082 (2011) explicitly deprecated them and no modern software emits them for any legitimate purpose. Recent threat research ("ASCII smuggling") shows attackers embedding these in email bodies for two purposes: (1) prompt injection against AI email classifiers — sequences like `\u{E0069}\u{E0067}\u{E006E}\u{E006F}\u{E0072}\u{E0065}` decode to "ignore" and get read by LLMs that normalize Unicode, while remaining totally invisible to the user reading the same message; and (2) classifier-poisoning keyword smuggling — a text-based ML scorer with a broken tokenizer may read the tag-char sequence as ASCII and get its score skewed without the user seeing anything. Detection fires on a SINGLE tag-char occurrence (not a threshold of N) because legitimate email never contains even one. Weighted at +5, same as `href-dangerous-scheme:javascript` and `href-at-symbol-trick` — a decisive near-zero-false-positive attack signal.