feat(skills): add laravel-security, laravel-tdd, and php-reviewer agent (#2122)

* feat(skills): add laravel-security, laravel-tdd, and php-reviewer agent

* fix: resolve code review findings across laravel-security, laravel-tdd, and php-reviewer

- laravel-security: replace env() with config() in runtime code,
  replace wildcard trusted proxies with CIDR ranges, remove blanket
  api/* CSRF exclusion, fix validated() return type, add null-safe
  rate limiter user access, sync mimes/extensions allowlists,
  replace #[Encrypted] with ShouldBeEncrypted, fix RateLimited args
- laravel-tdd: remove global withoutExceptionHandling() from setUp,
  remove contradictory assertNothingOutgoing(), fix undefined
  variable, replace invalid PHPUnit --min-coverage flag
- php-reviewer: fix Python contamination, add automated check
  requirement to approval criteria

* fix: align php-reviewer approval criteria and use config dot-notation keys

- agents/php-reviewer.md: sync approval criteria with .txt file version
  (add automated checks requirement for consistency across harnesses)
- skills/laravel-security/SKILL.md: replace raw env names with proper
  Laravel dot-notation config keys (app.key, services.stripe.*, etc.)
  so config() returns valid values instead of null

* fix: remove unnecessary secret validation for SMTP password

.opencode/opencode.json

@@ -290,6 +290,18 @@
         "edit": true
       }
     },
+    "php-reviewer": {
+      "description": "Expert PHP code reviewer specializing in PSR-12 compliance, PHP type system, Eloquent ORM patterns, security, and performance.",
+      "mode": "subagent",
+      "model": "anthropic/claude-opus-4-5",
+      "prompt": "{file:prompts/agents/php-reviewer.txt}",
+      "tools": {
+        "read": true,
+        "bash": true,
+        "write": false,
+        "edit": false
+      }
+    },
     "python-reviewer": {
       "description": "Expert Python code reviewer specializing in PEP 8 compliance, Pythonic idioms, type hints, security, and performance.",
       "mode": "subagent",