feat(settings): wire policy compiler into registration readiness.

[enjoyandlove]

Closes #277

Summary

• Implements #277 — wire policy compiler output into registration readiness onboarding preview.
• src/signals/onboarding-pack.ts — Added focusManifestPolicyToCompilerOutput() adapter that converts the new FocusManifestPolicy shape (from the branch's policy schema) into the RepoPolicyCompilerOutput expected by buildRepoOnboardingPackPreview. Imports FocusManifestPolicy from focus-manifest.
• src/signals/registration-readiness.ts — Wires the full pipeline in buildRegistrationReadiness: compileFocusManifestPolicy → focusManifestPolicyToCompilerOutput → buildRepoOnboardingPackPreview, producing an onboardingPackPreview field on RegistrationReadinessReport. Field is null when no focusManifest is supplied so all existing callers are unaffected.
• src/openapi/schemas.ts — Added onboardingPackPreview to RegistrationReadinessSchema; regenerated apps/gittensory-ui/public/openapi.json.
• test/unit/registration-readiness.test.ts — 3 new tests: null preview when no manifest is present; preview shape and public-safety invariant when a manifest is provided; unsafe public note stripping through the full pipeline.

Scope

• This PR is focused and does not mix unrelated backend, UI, MCP, docs, dependency, and deploy changes.
• This follows CONTRIBUTING.md and does not reintroduce GitHub Pages, VitePress, site/, or CNAME.
• I linked an issue, or this is small enough that the summary explains why an issue is not needed.

Validation

• git diff --check
• npm run actionlint — skipped (no workflow files changed)
• npm run typecheck
• npm run test:coverage — 892 tests pass, branch coverage 97.02% (above threshold)
• npm run test:workers
• npm run build:mcp
• npm run test:mcp-pack
• npm run ui:openapi:check — regenerated and verified
• npm run ui:lint
• npm run ui:typecheck
• npm run ui:build
• npm audit --audit-level=moderate
• New or changed behavior has unit/integration tests for new branches, fallback paths, and sanitizer boundaries

If any required check was skipped, explain why:

• npm run actionlint — no workflow files were modified.
• npm run test:workers, build:mcp, test:mcp-pack, ui:lint, ui:typecheck, ui:build — no MCP package or UI files were changed.
• npm audit — no dependency changes.

Safety

• No secrets, wallet details, hotkeys, coldkeys, user PATs, private keys, raw trust scores, private rankings, or private maintainer evidence are exposed.
• Public GitHub text stays sanitized, low-noise, and does not imply compensation guarantees or optimization tactics. focusManifestPolicyToCompilerOutput only passes publicSafe fields; buildRepoOnboardingPackPreview re-validates via isFocusManifestPublicSafe. Tests assert output never matches the forbidden-terms pattern.
• Auth, cookie, CORS, GitHub App, Cloudflare, or session changes include negative-path tests. — N/A; no auth changes.
• API/OpenAPI/MCP behavior is updated and tested where needed. — RegistrationReadinessSchema extended and openapi.json regenerated; new field tested end-to-end.
• UI changes use live API data or real empty/error/loading states, not production mock/demo fallbacks. — N/A, no UI changes.
• Visible UI changes include screenshots or a short recording. — N/A, no UI changes.
• Public docs/changelogs are updated where needed; changelogs are only edited for release-prep PRs. — N/A, internal signal wiring only.

Notes

• onboardingPackPreview is null when no focusManifest is passed to buildRegistrationReadiness — all existing call sites remain unaffected.
• The adapter maps FocusManifestPolicy.publicSafe.* fields only; authenticated context (parse warnings, private note count) is passed as privateOwnerContext so it stays out of the public preview.
• buildRepoOnboardingPackPreview already enforces a second safety pass via isRepoOnboardingPackPublicSafe; unsafe text degrades gracefully to a safe fallback markdown string rather than throwing.

[JSONbored]

@enjoyandlove this cannot merge until the branch parses and the PR title is fixed.

A few notes:

• The registration-readiness policy compiler wiring is the right surface for #277.
• The current CI failure is deterministic: TypeScript reports missing braces/commas in src/signals/focus-manifest.ts and test/unit/policy-sanitizer.test.ts.
• The title also needs to follow this repo's Conventional Commit policy.

Required changes:

• Retitle to feat(settings): wire policy compiler into registration readiness.
• Fix the syntax errors reported by npm run typecheck.
• Keep the OpenAPI artifact fresh after the schema changes.

Validation expected:

• npm run typecheck
• npm run test:coverage
• npm run ui:openapi:check
• Full npm run test:ci