Use bin/brakeman in CI so warnings fail the build

bin/ci was using `brakeman -q --no-exit-on-warn` which silently
passed on warnings, while GitHub CI ran `bin/brakeman` which exits
non-zero. Now both use the same command.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: newstler

.claude/agents/rails-backend.md

@@ -113,5 +113,5 @@ Before completing any task:
 ```bash
 bundle exec rubocop -A     # Fix lint issues
 rails test                  # Run tests
-bundle exec brakeman -q     # Security check
+bin/brakeman --no-pager      # Security check
 ```

.claude/commands/commit-push-pr.md

@@ -21,7 +21,7 @@ Before committing, ensure code quality:
 ```bash
 bundle exec rubocop -A
 rails test
-bundle exec brakeman -q --no-pager
+bin/brakeman --no-pager
 ```
 
 If any quality gate fails, fix the issues before proceeding.

.claude/commands/review-code.md

@@ -65,7 +65,7 @@ git diff --cached  # If already staged
 ```bash
 bundle exec rubocop -A
 rails test
-bundle exec brakeman -q --no-pager
+bin/brakeman --no-pager
 ```
 
 ## 4. Common Issues

.claude/commands/run-tests.md

@@ -93,7 +93,7 @@ Action: Method doesn't exist, check model implementation.
 If all tests pass:
 ```bash
 bundle exec rubocop -A
-bundle exec brakeman -q
+bin/brakeman --no-pager
 ```
 
 If tests fail:

AGENTS.md

@@ -235,7 +235,7 @@ Before ANY commit:
 
 ```bash
 bin/ci
-# or: bundle exec rubocop -A && rails test && bundle exec brakeman -q
+# or: bundle exec rubocop -A && rails test && bin/brakeman --no-pager
 ```
 
 All must pass. No exceptions.

bin/ci

@@ -20,7 +20,7 @@ echo "✅ Tests complete"
 echo ""
 
 echo "🔒 Step 4/5: Running Brakeman security scan..."
-bundle exec brakeman -q --no-pager --no-exit-on-warn
+bin/brakeman --no-pager
 echo "✅ Security scan complete"
 echo ""