Integrates skill-security-auditor as automated CI check per #241:
- Detects which skill directories changed in the PR (diff-based)
- Runs skill_security_auditor.py --strict --json on each changed skill
- Posts findings as a formatted PR comment with severity breakdown
- Blocks merge on FAIL verdict (critical findings)
- Skips non-skill paths (.github, docs, scripts, etc.)
- Updates existing comment on re-push (no comment spam)
- Concurrency grouping prevents parallel runs on same PR
cc3dfc877a