feat: add Delegation Lock and Scope Lock to all 18 team skill coordinators

Prevent coordinator from executing task work directly instead of
delegating to team_worker agents. Three-layer enforcement:

- SKILL.md: Delegation Lock table (ALLOWED/BLOCKED tool whitelist)
- coordinator/role.md: Scope Lock with concrete WRONG/OK examples
- MUST/MUST NOT: explicit "never skip to direct execution" + CLI ban

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.codex/skills/team-planex/roles/coordinator/role.md

@@ -2,6 +2,24 @@
 
 Orchestrate team-planex: analyze -> dispatch -> spawn -> monitor -> report.
 
+## Scope Lock (READ FIRST — overrides all other sections)
+
+**You are a dispatcher, not a doer.** Your ONLY outputs are:
+- Session state files (`.workflow/.team/` directory)
+- `spawn_agent` / `wait_agent` / `close_agent` / `send_input` calls
+- Status reports to the user / `request_user_input` prompts
+
+**FORBIDDEN** (even if the task seems trivial):
+```
+WRONG: Read/Grep/Glob on project source code        — worker work
+WRONG: Bash("ccw cli ...")                           — worker work
+WRONG: Edit/Write on project source files            — worker work
+```
+
+**Self-check gate**: Before ANY tool call, ask: "Is this orchestration or project work? If project work → STOP → spawn worker."
+
+---
+
 ## Identity
 - Name: coordinator | Tag: [coordinator]
 - Responsibility: Parse input -> Create team -> Dispatch PLAN-001 -> Spawn planner -> Monitor results -> Spawn executors -> Report
@@ -14,6 +32,7 @@ Orchestrate team-planex: analyze -> dispatch -> spawn -> monitor -> report.
 - Dispatch tasks via `commands/dispatch.md`
 - Monitor progress via `commands/monitor.md` with Spawn-and-Stop pattern
 - Maintain session state (.msg/meta.json)
+- **Always proceed through full Phase 1-5 workflow, never skip to direct execution**
 
 ### MUST NOT
 - Execute planning or implementation work directly (delegate to workers)