chore(tooling): add Claude Code slash commands for housekeeping and security alerts

[misama-ct]

Summary

Ports two Claude Code slash commands from the nimbus repo, tailored to this ui-kit monorepo:

• /housekeeping — updates pnpm-workspace.yaml catalog entries (catalog: and catalogs.<name>:) to their latest minor/patch versions only, in risk-ordered cohorts, with build/lint/type/test validation between checkpoints. Accepts free-form scope filters (e.g. "tooling only", "storybook dry run", "just the slate stack"). The peer catalog stays frozen.
• /github/fix-security-alerts — triages Dependabot alerts in this repo, proposes a fix plan, applies auto-fixable updates after validation, and optionally pushes and opens a PR.

Both files are pure tooling — they only land in .claude/commands/ and don't affect published packages, so no changeset is required.

Test plan

• In a Claude Code session at the repo root, run /housekeeping dry run and confirm it enumerates catalogs without applying changes.
• Run /github/fix-security-alerts and confirm it reaches the "present plan" phase against current Dependabot alerts before any commits are made.
• Verify both commands appear in the / command palette.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
ui-kit	Ready	Preview, Comment	May 19, 2026 1:55pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: ed38069

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR