Adds docs/th/README.md with a concise onboarding-style Thai
translation mirroring the docs/vi-VN format. Updates the language
switchers in the English, Simplified Chinese, Traditional Chinese,
Japanese, Korean, Portuguese (BR), Russian, Turkish, Vietnamese,
and Simplified Chinese docs READMEs to link to the new Thai page.
The English README remains the canonical source of truth; the Thai
page links back to it for full content.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- add a current Vietnamese onboarding README adapted from stale community PR #1322
- link Vietnamese from the existing localized README language selectors
- keep stale full translation content out of tree while preserving useful contributor work
Translate English prose inside plain text code blocks (```text, ```)
across ja-JP documentation to Japanese, following the same approach
as PR #753 (zh-CN translation).
Translated content includes:
- Output template labels and status messages
- Folder tree inline comments
- CLI workflow descriptions
- Error/warning message examples
- Commit message templates and PR title examples
Technical identifiers, file paths, and actual code remain untranslated.
When installed as a plugin, /plan triggers Claude Code's built-in plan
mode instead of the plugin's plan skill. Updated all 4 README files
(EN, zh-CN, zh-TW, ja-JP) to show the plugin-namespaced form with a
comment noting the shorter form works for manual installs.
Also fixes markdownlint MD012 violation in chief-of-staff.md (trailing
double blank line from #280 merge).
Fixes#297
New articles:
- the-security-guide.md: "The Shorthand Guide to Securing Your Agent" (595 lines)
Attack vectors, sandboxing, sanitization, OWASP Top 10, observability
- the-openclaw-guide.md: "The Hidden Danger of OpenClaw" (470 lines)
Security analysis of OpenClaw, MiniClaw thesis, industry evidence
External link sanitization (22 files across EN, zh-CN, zh-TW, ja-JP, .cursor):
- Removed third-party GitHub links from skills and guides
- Replaced with inline descriptions to prevent transitive prompt injection
- Kept official org links (Anthropic, Google, Supabase, Mixedbread)
New community skills: content-hash-cache-pattern, cost-aware-llm-pipeline,
regex-vs-llm-structured-text, swift-actor-persistence, swift-protocol-di-testing
