feat: Add security-audit skill for codebase vulnerability analysis

[theLightArchitect]

Summary

Adds a new security-audit skill — the first security-focused skill in the repository (16 existing skills, 0 security).

The skill provides a structured 4-phase audit workflow:

1. Reconnaissance — Map attack surface, entry points, trust boundaries, auth model, and data flows
2. Dependency Audit — Supply chain analysis with built-in audit commands for 7 ecosystems (npm, pip, cargo, go, bundle, composer, yarn)
3. Code Analysis — Systematic review covering OWASP Top 10 plus additional categories (12 total): injection, XSS, auth, access control, secrets, crypto, deserialization, SSRF, race conditions, misconfiguration, logging
4. Report — Structured findings with severity ratings, file locations, confidence thresholds, evidence, and remediation guidance

Includes scope adjustment guidance for partial audits (quick scan, dependency-only, secrets-only, OWASP-only).

Design decisions:

• Follows existing skill conventions (studied mcp-builder, webapp-testing, frontend-design, and others for style/structure)
• Practical over academic — concrete patterns to search for, actual commands to run
• Confidence threshold to reduce false positives (only report findings with reasonable confidence)
• Severity definitions aligned with industry standards (Critical → Info)

Test plan

• Skill loads correctly in Claude Code via /security-audit
• Frontmatter parses correctly (name, description, license)
• Phase workflow produces structured output
• Scope adjustments work for partial audits

🤖 Generated with Claude Code