chore: add minimum release age to .npmrc (#1152)

* chore: add agent protocol sections to CLAUDE.md

* chore: add minimum release age to .npmrc

Add minimum-release-age=10080 (pnpm, minutes) and min-release-age=7
(npm v11+, days) to enforce a 7-day waiting period before installing
newly published packages, reducing supply chain attack risk.

Author: jdalton

.npmrc

@@ -6,6 +6,11 @@ link-workspace-packages=false
 loglevel=error
 prefer-workspace-packages=false
 
+# Minimum release age - wait 7 days before installing newly published packages
+# pnpm uses minimum-release-age (minutes), npm v11+ uses min-release-age (days)
+minimum-release-age=10080
+min-release-age=7
+
 # Trust policy - prevent downgrade attacks
 trust-policy=no-downgrade
 trust-policy-exclude[]=undici@6.21.3