docs: update documentation for accuracy and consistency

[Copilot]

Documentation audit to align docs with current CLI implementation and fix broken references.

Fixes

• quickstart.md: Fixed hardcoded version 0.1.0 → dynamic reference; corrected wildcard support (was incorrectly marked as unsupported)
• usage.md: Added missing CLI options (--enable-chroot, --container-workdir, --proxy-logs-dir, --allow-host-ports, --image-registry, --image-tag); added Chroot Mode section
• chroot-mode.md: Kept original valid links to docs-site security-architecture.md and cli-reference.md
• architecture.md: Fixed stale file paths (test-copilot-*.sh → test-*.yml); updated terminology (copilot → agent container)
• logging_quickref.md, troubleshooting.md: Fixed broken LOGGING.md references
• README.md: Added missing doc links (GitHub Actions, Environment)

Example of corrected wildcard docs

# Before (incorrect - wildcards ARE supported)
# ✗ No wildcard syntax (use base domain instead)
--allow-domains '*.github.com'

# After (correct)
# ✓ Wildcard syntax is supported
--allow-domains '*.github.com'    # matches any subdomain of github.com

Custom agent used: technical-doc-writer
AI technical documentation writer for awf library using Astro Starlight

Original prompt

Technical Documentation Review: Audit and update all documentation files to ensure they accurately reflect the current state of the repository. This includes:

Review README.md for accuracy with current CLI options and features
Verify docs/*.md files match actual implementation
Ensure the new --enable-chroot feature is properly documented across all relevant docs
Check that code examples in documentation are working and up-to-date
Update any outdated installation instructions or version references
Add missing documentation for any undocumented features
Focus on consistency and accuracy between docs and actual codebase.

Custom agent used: technical-doc-writer
AI technical documentation writer for awf library using Astro Starlight

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Mossaka]

Review: REQUEST_CHANGES

@copilot Please fix the following issue:

Critical Issue: Wrong Security Document Link

In docs/chroot-mode.md, you replaced:

• ../docs-site/src/content/docs/reference/security-architecture.md (comprehensive security architecture doc)

with:

• ./security.md (generic bug bounty/reporting policy)

These are fundamentally different documents. The security-architecture.md covers threat models, design principles, and what the firewall protects against. The security.md is a standard GitHub security reporting template.

Required Fix

Either:

1. Keep the original link to security-architecture.md
2. Create a proper security model doc in docs/ that summarizes the key security architecture points
3. Remove the security link entirely rather than point to the wrong document

Note

The other changes in this PR (wildcard support fix, broken LOGGING.md link fixes, CLI option additions) are correct and valuable. Only the security link replacement is problematic.

[Copilot]

Review: REQUEST_CHANGES

@copilot Please fix the following issue:...

Fixed in 351c778. I incorrectly assumed the docs-site paths were broken, but both security-architecture.md and cli-reference.md exist and are valid. I've restored the original links to point to the correct documents.

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[github-actions]

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

[Copilot]

Pull request overview

This PR performs a comprehensive documentation audit to align documentation with the current CLI implementation. The changes fix inaccuracies, update stale references, and add missing documentation for recently added features.

Changes:

• Fixed wildcard support documentation (was incorrectly marked as unsupported)
• Added documentation for 6 missing CLI options (--enable-chroot, --container-workdir, --proxy-logs-dir, --allow-host-ports, --image-registry, --image-tag)
• Updated stale file paths in architecture.md (test-copilot-.sh scripts → test-.yml workflows)
• Updated terminology consistently (copilot → agent container)
• Fixed broken LOGGING.md references throughout documentation
• Updated version reference from hardcoded 0.1.0 to dynamic example (0.13.1)

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
docs/usage.md	Added 6 missing CLI options, new Chroot Mode section, updated command syntax
docs/troubleshooting.md	Fixed broken LOGGING.md reference to point to logging_quickref.md
docs/quickstart.md	Fixed hardcoded version reference and corrected wildcard support documentation
docs/logging_quickref.md	Updated terminology (copilot → agent container) and fixed references
docs/architecture.md	Fixed stale file paths and updated terminology throughout
README.md	Added links to GitHub Actions and Environment documentation

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The example for --allow-host-ports is incomplete compared to the actual CLI help text. The CLI help shows three variations: single port (3000), multiple ports (3000,8080), and complex ranges (3000-3010,8000-8090). The documentation should include all three examples for completeness and clarity.

Suggested change

	Example: --allow-host-ports 3000,8080 or 3000-3010
	Examples: --allow-host-ports 3000, 3000,8080, or 3000-3010,8000-8090

[Mossaka]

The security link issue was already fixed in commit 351c778. The documentation changes are valuable - approving.