docs(plans): mark skill-safety-scanner completed

docs/plans/state.json

@@ -66,10 +66,23 @@
     },
     "skill-safety-scanner": {
       "file": "2026-02-15-skill-safety-scanner-checklist.md",
-      "status": "planned",
+      "status": "completed",
       "date": "2026-02-15",
       "updated": "2026-02-15",
-      "summary": "Executable checklist to implement a static skill/plugin safety scanner integrated into skill load/install paths with audit events and tests, preventing unsafe skill packages from being injected into prompts or used via routing."
+      "summary": "Implemented a static skill safety scanner that runs on skill load and install, blocking symlinks/oversized files/binary blobs and prompt-injection markers in SKILL.md, validating manifest.json structure, emitting audit events for scan pass/fail, and preventing routing into unavailable skills.",
+      "files_created": [
+        "src/skills/scanner.ts"
+      ],
+      "files_modified": [
+        "src/skills/loader.ts",
+        "src/skills/loader.test.ts",
+        "src/skills/installer.ts",
+        "src/skills/installer.test.ts",
+        "src/audit/types.ts",
+        "src/audit/logger.ts",
+        "src/daemon/routing.ts"
+      ],
+      "test_status": "pnpm typecheck + pnpm test:run passing"
     },
     "openclaw-style-personal-agent-without-openclaw-risks": {
       "file": "2026-02-14-openclaw-style-personal-agent-without-openclaw-risks-plan.md",