- install.sh: replace unreachable $? check with `if !` pattern (set -e
exits before the check runs on Windows mklink failure)
- settings.json: remove fragile Bash deny patterns that can't match across
path separators; broaden .env denies to recursive **/.env with Read/Write/Edit
- worker-protocol: align QA instruction with qa-checklist — qa_check goes in
frontmatter envelope, not as a prose line
- Replace command-specific Bash denies (cat/less) with broad glob
patterns that catch any command referencing .ssh, .aws, .gnupg, .env
- Add Write/Edit deny rules for ~/.ssh, ~/.aws, ~/.gnupg to prevent
writes, not just reads
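
The install.sh item above, shown as an added example that is not code from this commit: under `set -e` a `$?` check placed after a failing command is never reached, while the `if !` form handles the failure and continues. `false` stands in for the failing link step, and the two snippets and the `run_snippet` helper are constructed for illustration.

```shell
#!/bin/sh
# Constructed stand-ins for the install step; `false` plays the failing link command.

# Old pattern: the check comes after the command.
OLD_PATTERN='
set -e
false                      # link step fails; set -e exits the script here
if [ $? -ne 0 ]; then      # never reached
    echo "fallback ran"
fi
echo "install continues"
'

# New pattern: the command is the condition of the if.
NEW_PATTERN='
set -e
if ! false; then           # a command tested by if is exempt from set -e
    echo "fallback ran"
fi
echo "install continues"
'

# Run a snippet in a fresh shell so its set -e behaviour is not affected by
# the caller; print its output followed by its exit status.
run_snippet() {
    out=$(sh -c "$1") && rc=0 || rc=$?
    printf '%s|exit=%s\n' "$out" "$rc"
}

echo "old: $(run_snippet "$OLD_PATTERN")"
echo "new: $(run_snippet "$NEW_PATTERN")"
```

The old pattern produces no output and a non-zero exit status, so the fallback is skipped silently; the new pattern runs the fallback and finishes with status 0.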