ci: add security/performance/audit validators to pre-commit and CI

- Add validate-security, validate-performance, validate-audit hooks
  to .pre-commit-config.yaml (previously only architecture was checked)
- Break single "Run all validators" CI step into 4 explicit steps
  (architecture, security, performance, audit) for clearer pipeline output
- Add noqa: SEC001 suppressions for test fixture hashed_password values

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.pre-commit-config.yaml

@@ -4,7 +4,7 @@
 # Run manually: pre-commit run --all-files
 
 repos:
-  # Architecture validation
+  # Code validators (architecture, security, performance, audit)
   - repo: local
     hooks:
       - id: validate-architecture
@@ -16,6 +16,33 @@ repos:
         additional_dependencies: [pyyaml]
         verbose: true
 
+      - id: validate-security
+        name: Validate Security Patterns
+        entry: python scripts/validate/validate_all.py --security
+        language: python
+        pass_filenames: false
+        always_run: true
+        additional_dependencies: [pyyaml]
+        verbose: true
+
+      - id: validate-performance
+        name: Validate Performance Patterns
+        entry: python scripts/validate/validate_all.py --performance
+        language: python
+        pass_filenames: false
+        always_run: true
+        additional_dependencies: [pyyaml]
+        verbose: true
+
+      - id: validate-audit
+        name: Validate Audit Patterns
+        entry: python scripts/validate/validate_all.py --audit
+        language: python
+        pass_filenames: false
+        always_run: true
+        additional_dependencies: [pyyaml]
+        verbose: true
+
   # Python code quality
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.5.0