feat(llm-security-copilot): port llm-security v5.1.0 to GitHub Copilot CLI

Full port of llm-security plugin for internal use on Windows with GitHub
Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs)
normalizes Copilot camelCase I/O to Claude Code snake_case format — all
original hook scripts run unmodified.

- 8 hooks with protocol translation (stdin/stdout/exit code)
- 18 SKILL.md skills (Agent Skills Open Standard)
- 6 .agent.md agent definitions
- 20 scanners + 14 scanner lib modules (unchanged)
- 14 knowledge files (unchanged)
- 39 test files including copilot-port-verify.mjs (17 tests)
- Windows-ready: node:path, os.tmpdir(), process.execPath, no bash

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

plugins/llm-security-copilot/skills/harden/SKILL.md

@@ -0,0 +1,36 @@
+---
+name: security-harden
+description: Generate Grade A security configuration — settings, instructions, .gitignore additions
+---
+
+# Security Harden
+
+Generate reference security configuration based on current posture gaps.
+
+## Step 1: Generate Recommendations
+
+```bash
+node <plugin-root>/scanners/reference-config-generator.mjs $ARGUMENTS
+```
+
+If `$ARGUMENTS` is empty, scan current working directory. Parse JSON output: `projectType`, `posture`, `recommendations[]`, `summary`.
+
+## Step 2: Present Recommendations
+
+Show table of recommended changes with: file, change description, current state, recommended state.
+
+## Step 3: Apply (if confirmed)
+
+If user confirms (or `--apply` flag is set):
+```bash
+node <plugin-root>/scanners/reference-config-generator.mjs $ARGUMENTS --apply
+```
+
+## Step 4: Verify
+
+Re-run posture scanner to verify grade improvement:
+```bash
+node <plugin-root>/scanners/posture-scanner.mjs $ARGUMENTS
+```
+
+Report: Grade before → Grade after. If still below A, explain remaining gaps that require manual configuration (hooks, custom settings).