docs: add supply chain visual explainer and update README

- Replace placeholder docs/index.html with interactive architecture diagram
  (blueprint aesthetic, responsive nav, covers critic system + all 6
  hardening layers + refresh/verify workflows)
- Update README with supply chain security section, full command reference,
  js-critic-router agent, and shared-js-core skill in install instructions
- Remove stale TODO section from CLAUDE.md, add visual explainer link
- Link to GitHub Pages: https://zivtech.github.io/react-critic/

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: AlexU-A

CLAUDE.md

@@ -34,6 +34,8 @@ python3 scripts/aggregate_stability.py
 
 ## Supply Chain Security
 
+[Visual explainer](https://zivtech.github.io/react-critic/) — interactive architecture diagram hosted on GitHub Pages.
+
 External skills are loaded by reference (pinned commit SHA + content SHA-256 hash).
 
 - `content_sha256` in manifests stores the SHA-256 of each skill's SKILL.md at the pinned commit.
@@ -57,19 +59,3 @@ but should be verified before adding a new owner to `TRUSTED_OWNERS`.
 - Results: `research/benchmarks/results/`
 - Scoring: rubric-coverage evaluation (prompt checklist vs annotated fixture issues)
 - Seeds: 3 jackknife windows per critic; aggregate stability in `stability-report.md`
-
-## TODO: Supply Chain Security for External Skills
-
-The external skills manifests (`external-skills-manifest.yaml`) pin upstream skills by commit SHA, but the current tooling has supply chain gaps that need to be addressed:
-
-1. **No diff review on refresh** — `refresh_external_skills.py` updates pins to HEAD silently. No changelog or diff of what changed in upstream SKILL.md files between the old and new pin.
-2. **No content scanning** — nothing checks incoming skill content for suspicious patterns (prompt injection markers, instruction overrides, encoded payloads). These skills are prompt text injected into Claude's context.
-3. **No signature/author verification** — anyone with push access to an upstream repo can change what gets loaded.
-4. **No approval gate** — refresh runs and updates pins automatically with no PR/review step.
-
-Minimum next steps:
-- Add diff output to `refresh_external_skills.py` so changes are visible before committing new pins.
-- Add basic content scanning rules (flag suspicious patterns like "ignore previous instructions", base64 blocks, etc.).
-- Consider requiring a PR for pin updates rather than committing directly.
-
-See also: drupal-critic has the same gaps and the same TODO.

README.md

@@ -2,17 +2,22 @@
 
 A multi-critic review suite for React, Next.js, and React Native/Expo work, built in the same orchestration style as drupal-critic.
 
+[**Architecture Visual Explainer**](https://zivtech.github.io/react-critic/) — interactive diagram of the critic system and supply chain security model.
+
 ## Included Critics
 
-- `react-critic`: React component and architecture review
-- `next-critic`: Next.js App Router and cache/runtime review
-- `react-native-critic`: React Native + Expo review
-- `proposal-critic`: Plan-first review for proposals, ADRs, RFCs, and migration specs across the React ecosystem
+- `react-critic`: React component and architecture review (9 external skills)
+- `next-critic`: Next.js App Router and cache/runtime review (11 external skills)
+- `react-native-critic`: React Native + Expo review (18 external skills)
+- `proposal-critic`: Plan-first review for proposals, ADRs, RFCs, and migration specs (5 external skills)
 
 All four critics:
 - enforce harsh-critic style structured output
 - require evidence for CRITICAL/MAJOR findings
 - load a maximum of 3 external specialist skills per run
+- apply a Security Exploitability Gate to all security findings
+
+A router agent (`js-critic-router`) dispatches to the correct critic based on framework signals.
 
 ## Install
 
@@ -22,17 +27,37 @@ cp -r react-critic/.claude/skills/react-critic ~/.claude/skills/
 cp -r react-critic/.claude/skills/next-critic ~/.claude/skills/
 cp -r react-critic/.claude/skills/react-native-critic ~/.claude/skills/
 cp -r react-critic/.claude/skills/proposal-critic ~/.claude/skills/
+cp -r react-critic/.claude/skills/shared-js-core ~/.claude/skills/
+cp react-critic/.claude/agents/js-critic-router.md ~/.claude/agents/
 cp react-critic/.claude/agents/react-critic.md ~/.claude/agents/
 cp react-critic/.claude/agents/next-critic.md ~/.claude/agents/
 cp react-critic/.claude/agents/react-native-critic.md ~/.claude/agents/
 cp react-critic/.claude/agents/proposal-critic.md ~/.claude/agents/
 ```
 
-## Validation
+## Supply Chain Security
+
+External skills are prompt text loaded from third-party GitHub repos into Claude's context. A compromised upstream repo means arbitrary prompt injection. This repo hardens against that:
+
+- **Org allowlist**: `TRUSTED_OWNERS` (15 orgs) in `scripts/skill_security.py` — unknown owners are rejected
+- **Pinned commits + content hashes**: each skill pinned to a commit SHA with SHA-256 of the SKILL.md content
+- **Injection scanning**: 10 prompt injection patterns checked on every refresh
+- **Scan gate**: manifest updates blocked if scan warnings found (`--force` to override after review)
+- **Approval gate**: `refresh_external_skills.py` is dry-run by default — shows diffs, requires `--approve`
+- **Compare URLs**: refresh report includes clickable GitHub diff links for every pin change
+
+See the [visual explainer](https://zivtech.github.io/react-critic/) for the full architecture diagram.
+
+## Commands
 
 ```bash
-python3 scripts/refresh_external_skills.py --check
-python3 scripts/verify_no_copied_skills.py
+python3 scripts/refresh_external_skills.py              # dry-run: show diffs
+python3 scripts/refresh_external_skills.py --approve     # apply pin + hash updates
+python3 scripts/refresh_external_skills.py --check       # CI: fail if updates needed
+python3 scripts/verify_no_copied_skills.py               # validate manifest structure
+python3 scripts/verify_no_copied_skills.py --verify-content  # fetch + hash verification
+python3 scripts/run_benchmark.py --all
+python3 scripts/aggregate_stability.py
 ```
 
 ## License