chore(iaify): apply iAiFy enterprise overlay

.github/CODEOWNERS

@@ -0,0 +1,2 @@
+# iAiFy default owner
+* @ashsolei

.github/copilot-instructions.md

@@ -0,0 +1,39 @@
+# Copilot Instructions — nanoclaw
+
+## Project
+
+- **Name**: nanoclaw
+- **Organization**: AiFeatures
+- **Enterprise**: iAiFy
+- **Description**: A lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, Telegram, Slack, Discord, Gmail and other messaging apps,, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK
+
+## Fork Status
+
+This is a fork of qwibitai/nanoclaw. Do not contribute back upstream.
+Local customizations are preserved in the main branch.
+Upstream sync is managed via Ai-road-4-You/fork-sync.
+
+## Conventions
+
+- Use kebab-case for file and directory names
+- Use conventional commits (feat:, fix:, chore:, docs:, refactor:, test:)
+- All PRs require review before merge
+- Branch from main, merge back to main
+
+## Shared Infrastructure
+
+- Reusable workflows: Ai-road-4-You/enterprise-ci-cd@v1
+- Composite actions: Ai-road-4-You/github-actions@v1
+- Governance standards: Ai-road-4-You/governance
+
+## Quality Standards
+
+- Run lint and tests before submitting PRs
+- Keep dependencies updated via Dependabot
+- No hardcoded secrets — use GitHub Secrets or environment variables
+- Follow OWASP Top 10 security practices
+
+## AgentHub Integration
+- Skills: `.agents/skills/` in this repo links to shared AgentHub skills
+- 14 shared agents available (api, architect, cli, deploy, developer, docker, docs, orchestrator, performance, refactor, reviewer, security, tester, troubleshoot)
+- MCP: 12 servers (GitHub, Supabase, Playwright, MongoDB, Notion, HuggingFace, etc.)

.github/dependabot.yml

@@ -0,0 +1,16 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    labels:
+      - "dependencies"
+      - "ci-cd"
+    commit-message:
+      prefix: "ci"
+    groups:
+      iaify-shared:
+        patterns:
+          - "Ai-road-4-You/*"

.github/workflows/iaify-release.yml

@@ -0,0 +1,20 @@
+name: Release
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+  id-token: write
+  attestations: write
+
+jobs:
+  release:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/release.yml@v1
+    with:
+      package-manager: "npm"
+    secrets: inherit

.github/workflows/iaify-repo-hygiene.yml

@@ -0,0 +1,15 @@
+name: Repo Hygiene (nightly)
+
+on:
+  schedule:
+    - cron: "0 5 * * *"  # Daily 05:00 UTC
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  hygiene:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/repo-hygiene.yml@v1
+    with:
+      fail-on-warnings: false

.github/workflows/iaify-sbom.yml

@@ -0,0 +1,20 @@
+name: SBOM Generation
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  id-token: write
+  attestations: write
+
+jobs:
+  sbom:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/sbom.yml@main
+    permissions:
+      contents: write
+      id-token: write
+      attestations: write
+

.github/workflows/iaify-security-scan.yml

@@ -0,0 +1,19 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "0 6 * * 1"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  security:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/security-scan.yml@v1
+    secrets: inherit

AGENTS.md

@@ -0,0 +1,23 @@
+# AI Agent Instructions
+
+## Repository: codeburn
+
+- **Organization**: AiFeatures
+- **Enterprise**: iAiFy
+- **Upstream**: getagentseal/codeburn
+
+## Shared infrastructure
+
+| Resource | Reference |
+|---|---|
+| Reusable workflows | `Ai-road-4-You/enterprise-ci-cd@v1` |
+| Composite actions  | `Ai-road-4-You/github-actions@v1` |
+| Governance docs    | `Ai-road-4-You/governance` |
+| Repo templates     | `Ai-road-4-You/repo-templates` |
+
+## Conventions
+
+1. Use **conventional commits** (`feat:`, `fix:`, `chore:`, `docs:`, `refactor:`, `test:`)
+2. Create **feature branches** for all changes
+3. Run tests before committing
+4. Preserve the iAiFy overlay when merging upstream

CLAUDE.md

@@ -0,0 +1,35 @@
+# codeburn — Claude Code Context
+
+## Overview
+
+- **Repository**: AiFeatures/codeburn
+- **Enterprise**: iAiFy
+- **Language**: TypeScript
+- **Upstream**: https://github.com/getagentseal/codeburn
+- **Description**: Interactive TUI dashboard for Claude Code / Codex / Cursor token cost observability (iAiFy fork)
+
+## Fork relationship
+
+iAiFy fork of `getagentseal/codeburn`. Upstream merges run on a monthly/quarterly
+schedule per `Ai-road-4-You/governance/docs/runbooks/fork-upstream-merge.md`.
+We never push back to upstream.
+
+On upstream merge: **always preserve** the iAiFy overlay files
+(`CLAUDE.md`, `AGENTS.md`, `.github/workflows/iaify-*.yml`,
+`.github/dependabot.yml`, `.github/copilot-instructions.md`).
+
+## Conventions
+
+- Conventional commits: `feat:`, `fix:`, `chore:`, `docs:`, `refactor:`, `test:`
+- Kebab-case filenames for new files
+- Branch protection on main — PRs required
+- CODEOWNERS: @ashsolei
+
+## Shared resources
+
+| Asset | Location |
+|---|---|
+| CI/CD workflows | `Ai-road-4-You/enterprise-ci-cd@v1` |
+| Composite actions | `Ai-road-4-You/github-actions@v1` |
+| Governance | `Ai-road-4-You/governance` |
+| Repo templates | `Ai-road-4-You/repo-templates` |