fix(linkedin-studio): S13 — close S12 WARN ($-scalar + false-green test) + $-safety lint guard

Closes the 2 grep/Read-verified findings from the S12 cold full-brief re-review
(docs/remediation/review.md, WARN 0/1/1/0, 0 dropped) and closes the $-injection
CLASS — not the line — across the whole state-updater.mjs mutation surface.

See docs/remediation/review.md (S13 ALLOW, 0/0/0/0) for the full closure record:
replaceField -> replacement function; the 3 additive-insert sites -> functions
(m === $1, behavior-preserving); a scalar assert.match pins last_post_topic; and a
behavioral, coverage-complete, self-testing Section 12 guard (check-replace-safety.mjs)
that is mutation-proven. Docs three-doc + residuals updated. test-runner.sh 71/0/0,
node --test 98/98.

plugins/linkedin-studio/docs/remediation/brief.md

@@ -279,6 +279,45 @@ gaps) → Phase 3 (long-form earn / redundancy measurement).
 - The plugin's own lint (`scripts/test-runner.sh`, rebuilt) and any `node --test`
   suites pass on the final state.
 
+## Amendment (2026-05-30) — Finish scope (S13–S17)
+
+After the v4.0.0 remediation pushed (Phase 0–3 done; S12 review WARN, 2 findings open),
+the operator commissioned a **finish pass** to close every remaining hole to a clean
+ALLOW. Plan: `docs/remediation/finish-plan.md`. This amendment folds the new scope into
+the contract so the review gate measures it as in-scope (not Non-Goal violation).
+
+**Re-opened Non-Goals (superseded by operator decision 2026-05-30):**
+- *"Not changing the /linkedin:* command invocation surface"* — **re-opened** for S14
+  command rationalization (a deliberate keep/develop/merge/cut pass; merges/cuts only on
+  explicit per-command operator approval).
+- *"Not adding a manual-entry feature for saves/dwell"* — **re-opened for saves only**
+  (S16). Dwell stays unmeasurable (internal-only); no dwell surface is built.
+
+**New Success Criteria (Finish):**
+- **S13:** `replaceField` (`state-updater.mjs:14-18`) inserts untrusted `last_post_topic`
+  literally (replacement function); a `$`-bearing test pins the `last_post_topic` scalar;
+  a structural `$`-safety lint (Section 12) fails on any string-replacement whose value
+  derives from an untrusted parameter; `/trekreview` → ALLOW.
+- **S14:** `docs/remediation/command-rationalization.md` records a per-command
+  keep/develop/merge/cut recommendation for all commands; every merge/cut is operator-
+  approved; the lint count-guard + all rosters + three-doc agree with `ls commands/*.md`.
+- **S15:** `/linkedin:onboarding` produces a draft post inline (no `Run /linkedin:first-post`
+  dead-end); `/linkedin` router is tiered (≤4 primary, ~1K-gated commands flagged
+  "locked"); `/linkedin:carousel` copies the full deck (all slides + caption), not just
+  the caption.
+- **S16:** a manual saves value can be entered and surfaces in `/linkedin:report` without
+  crashing; CSV-only data still works (backward-compatible); dwell remains explicitly
+  unexportable.
+- **S17:** every uncalibrated audit finding C13–C46 has a recorded disposition
+  (`docs/remediation/c13-c46-triage.md`: still-real / already-fixed / outdated-drop); every
+  still-real one is grep-verified closed.
+
+**Pending / out-of-band (not yet sequenced — operator will time it):** two additional
+briefs the operator flagged — `docs/linkedin-studio-persona-brief.md` and
+`docs/linkedin-studio-ui-brief.md`. If their scope conflicts with S13–S17 (esp. the UI
+brief vs S15 router/onboarding/carousel UX), reconcile before executing the overlapping
+session; do not let the finish pass pre-empt a decision the operator hasn't made.
+
 ## Research Plan
 
 *The internal/file-level fixes (analytics-CLI crash, dead lint, voice-leak,