Add PIVOT.md: deep analysis of full gh-aw adoption

[Copilot]

Adds PIVOT.md, a deep analysis of what it would take for this GitHub Action-based AI agent to fully utilise GitHub Agentic Workflows (gh-aw), written as the more aggressive end-state companion to the existing FUTURE.md.

Positioning relative to FUTURE.md

• FUTURE.md = phased plan ("adopt the substrate, keep the soul"); PIVOT.md = destination ("the YAML is compiled output, not source").
• Explicit divergence table on the load-bearing questions (workflow source of truth, default perms, MCP, trust gating, egress).

Structure

• Framing — pivot vs. adopt; three tests (authoring, permissions, tooling) a real pivot must pass.
• Today's shape — honest snapshot grounded in the actual repo (github-openclaw-intelligence-agent.yml, lifecycle/*.ts, config/, state/, ten bundled skills, seven providers).
• gh-aw primitives — Markdown→YAML compiler, safe-outputs, gh-aw-firewall, gh-aw-mcpg, gh-aw-actions, compile-time tool allow-listing, llms.txt.
• Component-by-component pivot — workflow file, permissions/safe-outputs, triggers, trust policy, skills-as-MCP, agent.ts as stateless reasoner, installer-as-compiler-driver, identity/sentinel, state/memory, multi-provider failover.
• What FUTURE.md understates — safe-outputs mutation latency, skill-ergonomics regression (drop-a-SKILL.md → write-an-MCP-server), compiler ownership trade-offs, spec-drift on upgrade.
• Survives / dies — explicit non-negotiables (AGENTS.md→SOUL, ENABLED.md, Git-native state, multi-provider, slash commands) vs. honest list of losses (hand-edited YAML as source, direct repo mutation from agent.ts, open egress, in-process skills, coarse permissions:).
• Smallest credible first step — introduce a safe-outputs layer in lifecycle/ and drop default workflow perms to contents: read, issues: read; argues every subsequent pivot step depends on this one.

Docs-only change. No code, workflow, or config modifications.