fix: resolve multiple reported issues (#205, #182, #188, #172, #173) (#207)

* fix: resolve multiple reported issues (#205, #182, #188, #172, #173)

- fix(observe.sh): replace triple-quote JSON parsing with stdin pipe to
  prevent ~49% parse failures on payloads with quotes/backslashes/unicode
- fix(hooks.json): correct matcher syntax to use simple tool name regexes
  instead of unsupported logical expressions; move command/path filtering
  into hook scripts; use exit code 2 for blocking hooks
- fix(skills): quote YAML descriptions containing colons in 3 skill files
  and add missing frontmatter to 2 skill files for Codex CLI compatibility
- feat(rules): add paths: filters to all 15 language-specific rule files
  so they only load when working on matching file types
- fix(agents): align model fields with CONTRIBUTING.md recommendations
  (opus for planner/architect, sonnet for reviewers/workers, haiku for
  doc-updater)

* ci: use AgentShield GitHub Action instead of npx

Switch from npx ecc-agentshield to uses: affaan-m/agentshield@v1
for proper GitHub Action demo and marketplace visibility.

.github/workflows/security-scan.yml

@@ -25,11 +25,10 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
+      - name: Run AgentShield Security Scan
+        uses: affaan-m/agentshield@v1
         with:
-          node-version: '20.x'
-
-      - name: Run AgentShield security scan
-        run: npx ecc-agentshield scan --path . --min-severity medium --format terminal
-        continue-on-error: true  # Informational only — ECC contains intentional config examples
+          path: '.'
+          min-severity: 'medium'
+          format: 'terminal'
+          fail-on-findings: 'false'