Tootfinder

I'm wondering how plausible it would be for the new ngscopeclient CI to have a private web form (probably just restricted by simple https basic auth with creds shared among project maintainers) to request a build of a specific commit in order to enable testing of PRs.
The idea is that this will still allow pre-testing of PR content before we merge them, but won't allow any possibility for an outside attacker to trigger a build on our infrastructure without a maintainer at least…

🔧 Code quality:
• tdd — full test-driven dev workflow
• scaffold-exercises — builds coding exercises from spe cs
• edit-article — structured editing with context transfer
🛡️ Safety rails:
• git-guardrails-claude-code — blocks push, reset --hard & clean before #AI executes them
• setup-pre-commit — configures