Make sure that generated inspection commands are runnable

[lukpueh]

Based on the inputs from the quality assurance page we generate and suggest in-toto inspections for expected return value and stdout/stderr.

While the suggested command line tools do exist, we still have to make sure that inspect-byproducts and inspect-return-value are actually on the verfier's path (c.f. in-toto/in-toto#109).

Furthermore, the suggested link file names that are required as command line argument by above inspection commands are not fully accurate.
E.g. if the user has specified a qa step qa-1 whose return value must be 0 we suggest an inspection command inspect-return-value --link="qa-1.link" --eq 0, while in reality the link file name will have a functionary keyid as infix.
Hence, we have to update the suggested commands, once the user has authorized the respective functionaries and uploaded their keys (on the functionaries and authorizing pages).