Add comprehensive security audit (86 findings across 10 areas)

Secure dev auth with signed tokens, add email support for --user
Simplify breakpoint variables, suppress Sass deprecation warnings

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

app/RSpade/upstream_changes/claude_question_guard_12_18.txt

@@ -0,0 +1,46 @@
+  Claude Code Hook Implementation
+
+  Instructions (for applying to other projects)
+
+  1. Create the hook script at .claude/hooks/question-guard.sh:
+
+  #!/bin/bash
+
+  # Read JSON input from stdin and extract the prompt field
+  prompt=$(cat | jq -r '.prompt // empty')
+
+  # Check if the prompt ends with a question mark (ignoring trailing whitespace)
+  if echo "$prompt" | grep -qE '\?\s*$'; then
+      # Use JSON additionalContext for discrete injection (not shown to user)
+      cat <<'EOF'
+  {
+    "hookSpecificOutput": {
+      "hookEventName": "UserPromptSubmit",
+      "additionalContext": "STOP: This is a QUESTION. Suspend the current task, if any, and answer the question directly and concisely. Do NOT take any further actions, run any tools (except as necessary to answer the question), or continue previous work until instructed to 'resume' or otherwise continue the task. Wait for the user's next instruction."
+    }
+  }
+  EOF
+  fi
+
+  2. Make it executable:
+  chmod +x .claude/hooks/question-guard.sh
+
+  3. Add to .claude/settings.json (or .claude/settings.local.json for local-only):
+  {
+    "hooks": {
+      "UserPromptSubmit": [
+        {
+          "hooks": [
+            {
+              "type": "command",
+              "command": ".claude/hooks/question-guard.sh"
+            }
+          ]
+        }
+      ]
+    }
+  }
+
+  Requirements
+
+  - jq must be installed on the system