<objective Verify threat mitigations for a completed phase. Three states: - (A) SECURITY.md exists — audit and verify mitigations - (B) No SECURITY.md, PLAN.md with threat model exists — run from artifacts - (C) Phase not executed — exit with guidance Output: updated SECURITY.md. </objective <execution context @${CLAUDE PLUGIN ROOT}/workflows/secure-phase.md </execution context <context Phase: $ARGUMENTS — optional, defaults to last completed phase. </context <process Execute @${CLAUDE PLUGIN ROOT}/workflows/secure-phase.md. Preserve all workflow gates. </process ---