f89b73f7b3
- safety: drop tools section (moved to sdlc); relax kubectl-apply ban to production-only (dev and uat permit direct kubectl for iteration); keep kubectl-create-secret ban at all environments
- sdlc: split Authentication into its own section (Better-Auth + Google + Apple + Authentik); add Tools (canonical, not alternatives) section moved from safety, including the playwright MCP and ghcr.io registry standard