Document onlyBuiltDependencies security model in CLAUDE.md

## Background
Following PR #42 (pnpm update), we added `onlyBuiltDependencies` configuration to `pnpm-workspace.yaml` as a security enhancement.

## Task
Document the security model in CLAUDE.md to help team members understand:

- What `onlyBuiltDependencies` does (prevents unauthorized packages from running build scripts)
- Why we chose these specific packages: `core-js`, `esbuild`, `msw`, `sharp`, `unrs-resolver`
- Security benefits (supply chain attack prevention)
- How to evaluate new packages for inclusion

## Acceptance Criteria
- [ ] Add section to CLAUDE.md explaining the security model
- [ ] Document the approved package list and rationale
- [ ] Include guidelines for adding new build dependencies

## Reference
- Suggested by Claude bot in PR #42 review
- Part of maintenance best practices

## Priority
Low - Documentation enhancement, not blocking

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Document onlyBuiltDependencies security model in CLAUDE.md #43

Background

Task

Acceptance Criteria

Reference

Priority

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Document onlyBuiltDependencies security model in CLAUDE.md #43

Description

Background

Task

Acceptance Criteria

Reference

Priority

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions