fix: resolve multiple reported issues (#205, #182, #188, #172, #173) (#207)

* fix: resolve multiple reported issues (#205, #182, #188, #172, #173)

- fix(observe.sh): replace triple-quote JSON parsing with stdin pipe to
  prevent ~49% parse failures on payloads with quotes/backslashes/unicode
- fix(hooks.json): correct matcher syntax to use simple tool name regexes
  instead of unsupported logical expressions; move command/path filtering
  into hook scripts; use exit code 2 for blocking hooks
- fix(skills): quote YAML descriptions containing colons in 3 skill files
  and add missing frontmatter to 2 skill files for Codex CLI compatibility
- feat(rules): add paths: filters to all 15 language-specific rule files
  so they only load when working on matching file types
- fix(agents): align model fields with CONTRIBUTING.md recommendations
  (opus for planner/architect, sonnet for reviewers/workers, haiku for
  doc-updater)

* ci: use AgentShield GitHub Action instead of npx

Switch from npx ecc-agentshield to uses: affaan-m/agentshield@v1
for proper GitHub Action demo and marketplace visibility.

agents/security-reviewer.md

@@ -2,7 +2,7 @@
 name: security-reviewer
 description: Security vulnerability detection and remediation specialist. Use PROACTIVELY after writing code that handles user input, authentication, API endpoints, or sensitive data. Flags secrets, SSRF, injection, unsafe crypto, and OWASP Top 10 vulnerabilities.
 tools: ["Read", "Write", "Edit", "Bash", "Grep", "Glob"]
-model: opus
+model: sonnet
 ---
 
 # Security Reviewer