
fix(security): wire orchestrator to handle consolidateFindings.blocked signal#27

Merged
avifenesh merged 2 commits into
mainfrom
fix/orchestrator-blocked-branch
Apr 26, 2026

Conversation

@avifenesh avifenesh (Contributor) commented Apr 26, 2026

Summary

Closes a gap from #25. That PR added blocked/blockReason to consolidateFindings in commands/audit-project-agents.md, but the /audit-project orchestrator's Phase 6 iteration loop never read those fields - it only checked remainingIssues.length === 0. A prompt-injected reviewer subagent could mass-mark findings as falsePositive to zero the severity counter and silently approve.

This PR wires the blocked branch into Phase 6 using the same three-option AskUserQuestion pattern as prepare-delivery/skills/orchestrate-review/SKILL.md (lines ~326-374):

  • Treat flagged findings as open - strip falsePositive flags on the current raw agent results and re-run consolidateFindings in place. No reviewer re-spawn (mirrors prepare-delivery b09ca9c).
  • Override and approve - record suspicious: true + falsePositiveRatio in workflow state and exit.
  • Abort workflow - workflowState.failPhase(blockReason).

The blocked check runs BEFORE the zero-issues exit. Otherwise a blocked result with all findings flagged would slip through as "zero remaining".

Changes

  • commands/audit-project.md Phase 6 (lines ~294-318 before, ~294-379 after): rewrote the iteration loop to consume raw agent results, call consolidateFindings, branch on .blocked, then check zero-issues.

Test plan

  • Manual: simulate a reviewer returning 6/10 findings as falsePositive and confirm the AskUserQuestion gate fires
  • Manual: "Treat as open" path re-aggregates without re-spawning reviewers
  • Manual: "Abort" path calls workflowState.failPhase
  • Parity with prepare-delivery/skills/orchestrate-review/SKILL.md iteration loop confirmed by diff review

Note

Medium Risk
Changes the /audit-project iteration/approval control flow to gate suspicious reviewer outputs, so mistakes could block reviews or allow approvals if mis-handled, but it reduces a prompt-injection bypass risk.

Overview
Prevents the Phase 6 iteration loop in commands/audit-project.md from silently exiting when reviewers mass-mark findings as falsePositive by switching the loop to track raw agent results, re-run consolidateFindings, and honor its new blocked/blockReason signal.

When blocked is set, the workflow now prompts the user via AskUserQuestion to either treat flagged findings as open (strip falsePositive flags and re-aggregate without re-spawning reviewers), override and approve (record suspicious: true plus falsePositiveRatio), or abort (fail the phase), and this check runs before the zero-issues exit.

Reviewed by Cursor Bugbot for commit 2207230.
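Added example, not code from PR #27 or from the audit-project command files: a runnable model of the Phase 6 loop body before and after this change, so the ordering argument in the description ("blocked check runs BEFORE the zero-issues exit") can be exercised on constructed reviewer output. The shape of consolidateFindings, the 0.5 flag-ratio threshold, the three option labels, the askUser stand-in for AskUserQuestion and the workflowState object are all assumptions; the real definitions live in commands/audit-project.md and commands/audit-project-agents.md.

```javascript
// Added example, not code from PR #27 or the audit-project command files.
// consolidateFindings, the 0.5 threshold, option labels and workflowState
// are assumptions standing in for the orchestrator's own definitions.

// Constructed sample input: one reviewer subagent returning `total` findings,
// the first `flagged` of which it has marked falsePositive.
function makeRawResults(total, flagged) {
  return [{
    agent: 'reviewer-1',
    findings: Array.from({ length: total }, (_, i) => ({
      id: `F-${i + 1}`,
      severity: i < 3 ? 'high' : 'medium',
      falsePositive: i < flagged,
    })),
  }];
}

const BLOCK_RATIO = 0.5; // assumed: block when half or more are flagged

// Assumed consolidateFindings: aggregate raw results, compute the ratio of
// falsePositive-flagged findings, and raise blocked/blockReason when the
// ratio looks like a mass flag rather than honest triage.
function consolidateFindings(rawResults) {
  const all = rawResults.flatMap((r) => r.findings);
  const flagged = all.filter((f) => f.falsePositive).length;
  const falsePositiveRatio = all.length === 0 ? 0 : flagged / all.length;
  const blocked = all.length > 0 && falsePositiveRatio >= BLOCK_RATIO;
  return {
    remainingIssues: all.filter((f) => !f.falsePositive),
    falsePositiveRatio,
    blocked,
    blockReason: blocked
      ? `reviewer marked ${flagged}/${all.length} findings falsePositive`
      : null,
  };
}

// Loop body before #27: only the zero-issues check, so a result with every
// finding flagged exits as approved without anyone seeing it.
function phase6Before(rawResults) {
  const { remainingIssues } = consolidateFindings(rawResults);
  if (remainingIssues.length === 0) return { status: 'approved' };
  return { status: 'iterate', remaining: remainingIssues.length };
}

// Loop body after #27: the blocked branch runs BEFORE the zero-issues exit.
// askUser stands in for AskUserQuestion and returns one of the three labels.
function phase6After(rawResults, askUser, workflowState) {
  let results = rawResults;
  let consolidated = consolidateFindings(results);

  if (consolidated.blocked) {
    const choice = askUser(consolidated.blockReason);
    if (choice === 'Treat flagged findings as open') {
      // Strip the flags on the current raw results and re-aggregate in
      // place: no reviewer re-spawn.
      results = results.map((r) => ({
        ...r,
        findings: r.findings.map((f) => ({ ...f, falsePositive: false })),
      }));
      consolidated = consolidateFindings(results);
    } else if (choice === 'Override and approve') {
      workflowState.suspicious = true;
      workflowState.falsePositiveRatio = consolidated.falsePositiveRatio;
      return { status: 'approved', suspicious: true };
    } else {
      workflowState.failPhase(consolidated.blockReason);
      return { status: 'aborted' };
    }
  }

  if (consolidated.remainingIssues.length === 0) return { status: 'approved' };
  return { status: 'iterate', remaining: consolidated.remainingIssues.length };
}

// Minimal stand-in for the orchestrator's workflow state.
function makeWorkflowState() {
  return {
    suspicious: false,
    falsePositiveRatio: null,
    failedWith: null,
    failPhase(reason) { this.failedWith = reason; },
  };
}

// Stand-alone demonstration: the same all-flagged result slips through the
// old loop and is gated by the new one.
const allFlagged = makeRawResults(10, 10);
console.log('before:', phase6Before(allFlagged).status); // approved
console.log('after :', phase6After(allFlagged, () => 'Abort workflow',
  makeWorkflowState()).status); // aborted
```

The point the model makes explicit is that the gate is a property of the raw results, not of the severity counter: once the loop keeps the raw agent results around, "Treat flagged findings as open" is a pure re-aggregation and needs no reviewer re-spawn, while a result that is below the threshold never reaches AskUserQuestion at all.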

…d signal

The previous PR added blocked/blockReason to consolidateFindings but the
/audit-project orchestrator's Phase 6 iteration loop only checked
remainingIssues.length === 0. A prompt-injected reviewer could mass-mark
findings as falsePositive to zero the gate counter and silently approve.

Wire the blocked branch BEFORE the zero-issues exit using the same
three-option AskUserQuestion pattern as prepare-delivery's
orchestrate-review SKILL.md (Treat flagged as open / Override and
approve / Abort). On 'Treat as open' we strip flags on the current raw
agent results and re-run consolidateFindings in place (no reviewer
re-spawn), mirroring prepare-delivery commit b09ca9c.

@cursor cursor Bot left a comment

Cursor Bugbot has reviewed your changes and found 2 potential issues.

@avifenesh avifenesh merged commit a25b65e into main Apr 26, 2026
5 checks passed
@avifenesh avifenesh deleted the fix/orchestrator-blocked-branch branch April 26, 2026 17:55
