deploy-checklisted

# Deploy Check ## Purpose Run the pre-deploy gate: build the production artifact, smoke-test critical paths, verify environment-variable sanity (presence, not values), and produce a structured go/no-go report. Distinct from `test-suite` (correctness) and `pre-commit` (cheap fast checks) — deploy-check is deploy-shaped: it cares about what would actually ship to a target environment. ## Scope Operates on the current branch's HEAD; reads the project's deploy configuration (`deploy/`, `Dockerfile`, `cloudbuild.yaml`, project- specific scripts). With `--target <env>`, the smoke tests can be environment-specific (e.g. staging vs prod has different smoke targets). NOT in scope: actually deploying. The skill is verification only. A separate operator action triggers the deploy. ## Automated pass 1. **Build.** Run the project's production build (`make build`, `npm run build`, `flutter build`, `docker build`, etc.). Warnings logged; failures abort. 2. **Artifact sanity.** Verify the artifact has expected size order-of- magnitude (bin sizes don't suddenly 10x without warning), expected files (no missing required output), expected provenance metadata. 3. **Env-var presence.** Read the deploy config to enumerate required env vars; verify each is set to a non-empty value in the target env. Do NOT print values — print presence/absence (per `rule:secret-handling`). 4. **Smoke tests.** Run the project-defined deploy-smoke target (`make smoke`, `npm run test:smok