fix(ci): handle fork PRs in GitHub Actions workflows

Fork-based PRs (like PR #498) caused all CI checks to fail due to:
- ci-quality-gate: checkout failed because fork branch names don't exist
  in the base repo. Now uses commit SHA for PR events.
- skill-security-audit: comment posting failed with read-only GITHUB_TOKEN.
  Now continues on error and writes results to job summary as fallback.
- claude-code-review: fallback comment step failed silently. Now continues
  on error and writes status to job summary.

https://claude.ai/code/session_01X1RKFAkEwxgg6gQvJG1KCa

.github/workflows/skill-security-audit.yml

@@ -191,8 +191,17 @@ jobs:
           echo "report_file=$REPORT_FILE" >> "$GITHUB_OUTPUT"
           echo "exit_code=$OVERALL_EXIT" >> "$GITHUB_OUTPUT"
 
+      - name: Post audit results to job summary
+        if: always()
+        run: |
+          REPORT_FILE="${{ steps.audit.outputs.report_file }}"
+          if [ -f "$REPORT_FILE" ]; then
+            cat "$REPORT_FILE" >> "$GITHUB_STEP_SUMMARY"
+          fi
+
       - name: Post audit results as PR comment
         if: always()
+        continue-on-error: true  # Fork PRs have read-only GITHUB_TOKEN
         uses: actions/github-script@v7
         with:
           script: |