feat(readiness): add /production-readiness-review parallel multi-agent review command

[naimkatiman]

Summary

Adds /production-readiness-review, the review-side sibling of /ship: it fans blind specialized reviewers across performance, security, UI/UX, and test coverage — each grounding findings in real code, logs, or live data — then reconciles them into one deduplicated, severity-ranked punch-list. Report-only; it never fixes, merges, or deploys.

Closes R13 from the 2026-06-17 report-coverage map: the parallel-review pieces already existed (superpowers:dispatching-parallel-agents + the severity-rating security-auditor / test-engineer agents) but nothing bound them into a named readiness gate.

What it does

1. Scope — ground truth on the diff under review; recent changes get extra scrutiny (likeliest source of self-inflicted defects).
2. Fan out — dispatching-parallel-agents launches four blind reviewers (perf/bundle; security/data-access via security-auditor; UI/UX via Playwright when available, else static; test coverage/flaky-mocks via test-engineer), each forbidden from assuming or fabricating state.
3. Reconcile — dedupe across reviewers, rank CRITICAL/HIGH/MEDIUM/LOW by severity + confidence, flag defects introduced by the changes under review.
4. Present — emit the punch-list and stop. Fixing a finding is a separate /ship run.

Scope

• In: commands/production-readiness-review.md (command-only) + generated mirror + plan doc.
• Out (deferred): no new skill/hook/.mts code; no auto-fix (report-only); no merge/deploy; not added to the proceed-with-the-recommendation routing table (so routing-targets is untouched).

Files

• commands/production-readiness-review.md — hand-authored source
• plugins/continuous-improvement/commands/production-readiness-review.md — generated mirror (npm run build)
• docs/plans/2026-06-17-production-readiness-review-command.md — plan

Verification

• npm run verify:all — green (12/12 invariants + typecheck: everything-mirror 59/59, routing-targets 37/37, tool-count expert=19 / beginner=4, doc-runtime-claims clean — the command avoids runtime-gate phrasing).
• install.test — 29/29 pass. ALL_COMMAND_FILES unchanged; the command distributes via the plugin bundle, not the curated standalone-installer set.
• No .mts source changes; no .mjs regeneration beyond the command mirror.

Test plan

• CI green on the PR
• Manual: /production-readiness-review #<pr> fans the four reviewers and returns one deduplicated, severity-ranked punch-list without editing code

Part of the 2026-06-17 report-coverage build train; PR #246 (/ship) is the fix-side sibling. No new dependencies.

[gemini-code-assist]

Code Review

This pull request introduces the /production-readiness-review command, which orchestrates a parallel multi-agent readiness gate fanning across performance, security, UI/UX, and test coverage, and then reconciles findings into a prioritized punch-list. The changes include the command specification, its design plan, and the generated plugin mirror. Feedback on the design plan suggests removing code-reviewer from the list of cited agents to accurately reflect the actual implementation, which only routes through security-auditor and test-engineer.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

The plan lists code-reviewer under the "Cited agents" risk check, but the /production-readiness-review command itself does not cite or route through the code-reviewer agent (it only routes through security-auditor and test-engineer). To keep the plan accurate and aligned with the actual implementation, we should remove code-reviewer from this list.

Suggested change

	- Cited agents (`code-reviewer`, `security-auditor`, `test-engineer`) and `superpowers:dispatching-parallel-agents` must exist — all confirmed present.
	- Cited agents (security-auditor, test-engineer) and superpowers:dispatching-parallel-agents must exist — all confirmed present.