docs: add prioritized PR review issues analysis

[Copilot]

Created a comprehensive analysis of all 13 issues identified in the PR code review, ranked by severity and impact.

Changes

• New document: /plans/pr-review-issues-prioritized.md
  • Catalogs security vulnerabilities (path traversal), compilation errors (missing imports), runtime bugs (null dereference, unstable sorting), and functional issues (install flow, browser storage)
  • Groups issues into 4 priority tiers: Critical (3), High (5), Medium (4), Low (1)
  • Provides file references, impact analysis, and specific remediation steps for each issue
  • Recommends fix order: 8 issues block merge, 4 for post-merge, 1 for backlog

Issue Breakdown

Critical (must fix before merge):

• Path traversal in registry fetcher allowing arbitrary file access
• Missing BranchConfig import causing TypeScript compilation failure
• Null dereference in InstallParams.instanceConfig

High (should fix before merge):

• Unstable sorting from undefined type priority fallback
• Install flow using index summary instead of full registry item
• results.skipped never populated (UX regression)
• Browser storage readdir() double-slash and readFile() binary handling bugs

Medium/Low:

• Type duplication, process control issues, missing tests, documentation gaps

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 1d0c92a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[Copilot]

Pull request overview

Adds a new planning document that consolidates and prioritizes previously identified review issues for the “registry refactor” work, intended to guide remediation order before/after merge.

Changes:

• Add /plans/pr-review-issues-prioritized.md with 13 issues grouped into Critical/High/Medium/Low tiers.
• Include per-issue impact statements, file references, and recommended remediation steps.
• Provide a recommended fix order and merge-blocker callouts.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Section #2 appears to be outdated/incorrect: packages/core/src/index.ts already imports BranchConfig from @repo/types, so this is not currently a TypeScript compilation failure. Please either remove this issue from the prioritized list or update it to reflect the actual remaining compilation blocker (and correct file/line references).