feat: add core/ tier reflecting actual universal workflow

The original repo presented everything as equal rules. In reality, the
workflow has two tiers: core practices (used in every project) and advanced
rules (only in complex projects like Mortdecai).

Core tier adds:
- backup-before-edit (global CLAUDE.md rule)
- superpowers-workflow (the actual workflow engine)
- memory-system (persistent feedback and project memories)
- document-hierarchy (CLAUDE.md/SESSION.md/CONTEXT.md/IDEA.md)
- commit-and-push discipline
- feedback-driven behaviors

Updated README, docs, and dynamic-methodology to reflect the two-tier
reality instead of presenting advanced rules as universal.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

settings/settings.example.json

@@ -1,17 +1,26 @@
 {
   "_comment": "Example Claude Code settings.json — copy relevant sections to ~/.claude/settings.json",
+  "_note": "This reflects the actual configuration used across 26+ projects",
 
   "enabledPlugins": {
-    "_comment": "Recommended plugins from the official marketplace",
+    "_comment_core": "CORE — Superpowers is the workflow engine, not optional",
     "superpowers@claude-plugins-official": true,
+
+    "_comment_recommended": "RECOMMENDED — quality and maintenance tools",
     "code-review@claude-plugins-official": true,
     "code-simplifier@claude-plugins-official": true,
-    "claude-md-management@claude-plugins-official": true
+    "claude-md-management@claude-plugins-official": true,
+
+    "_comment_optional": "OPTIONAL — enable based on your work",
+    "frontend-design@claude-plugins-official": false,
+    "skill-creator@claude-plugins-official": false,
+    "plugin-dev@claude-plugins-official": false
   },
 
   "hooks": {
     "PreToolUse": [
       {
+        "_comment": "Block git pushes if tracked files contain secrets",
         "matcher": "Bash",
         "hooks": [
           {
@@ -26,29 +35,27 @@
   },
 
   "_permissions_example": {
-    "_comment": "Add to permissions.deny to block access to sensitive files",
-    "deny": [
-      "Read(~/.ssh/*)",
-      "Read(~/.aws/*)",
-      "Read(~/.env)",
-      "Read(**/credentials*)",
-      "Read(**/.env*)",
-      "Read(**/*.pem)",
-      "Read(**/*.key)",
-      "Write(~/.ssh/*)",
-      "Write(~/.aws/*)",
-      "Write(**/.env*)"
-    ]
+    "_comment": "Add to your settings.json top level to block access to sensitive files",
+    "permissions": {
+      "deny": [
+        "Read(~/.ssh/*)",
+        "Read(~/.aws/*)",
+        "Read(~/.env)",
+        "Read(**/credentials*)",
+        "Read(**/.env*)",
+        "Read(**/*.pem)",
+        "Read(**/*.key)",
+        "Write(~/.ssh/*)",
+        "Write(~/.aws/*)",
+        "Write(**/.env*)"
+      ]
+    }
   },
 
-  "_mcp_example": {
-    "_comment": "Example MCP server configuration — add servers relevant to your workflow",
-    "mcpServers": {
-      "example-server": {
-        "command": "/path/to/server",
-        "args": [],
-        "env": {}
-      }
-    }
+  "_global_claude_md": {
+    "_comment": "Add these lines to your ~/.claude/CLAUDE.md (global instructions)",
+    "rules": [
+      "Before editing any file, back up the original to a .backup/ directory in the same parent folder."
+    ]
   }
 }