#11048: fix: address repository issues (env, author, CI comments, security docs)

## Summary This PR addresses several minor issues identified during a repository review. ## Changes ### 1. [.env.example](cci:7://file:///c:/antigravity/openclaw/openclaw/.env.example:0:0-0:0) - Updated to reflect actual integrations - Removed outdated Twilio references (project uses Baileys for WhatsApp) - Added accurate channel credential examples (Telegram, Discord, Slack, etc.) - Added security warning about credential handling ### 2. [package.json](cci:7://file:///c:/antigravity/openclaw/openclaw/package.json:0:0-0:0) - Added missing author - Set author to "Peter Steinberger and contributors" ### 3. [.github/workflows/ci.yml](cci:7://file:///c:/antigravity/openclaw/openclaw/.github/workflows/ci.yml:0:0-0:0) - Improved iOS CI documentation - Added detailed comment explaining why iOS CI is disabled - Documents the reasons (runner limits, simulator flakiness) - References local development commands ### 4. [SECURITY.md](cci:7://file:///c:/antigravity/openclaw/openclaw/SECURITY.md:0:0-0:0) - Enhanced prompt injection documentation - Added context explaining why prompt injection is "out of scope" - Added mitigation recommendations for security-conscious users ## Testing - Verified [package.json](cci:7://file:///c:/antigravity/openclaw/openclaw/package.json:0:0-0:0) remains valid JSON - Verified author field is correctly populated - No functional changes; documentation/config only <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> - Updated `.env.example` to remove Twilio variables and document channel credential examples + credential-handling warning. - Added a non-empty `author` field to `package.json`. - Expanded comments in CI workflow explaining why the iOS job is disabled and how to run iOS builds locally. - Extended `SECURITY.md` with rationale for prompt-injection being out of scope and added user-facing mitigations. <h3>Confidence Score: 4/5</h3> - This PR is mostly safe to merge, but contains a couple of user-facing documentation link issues that should be corrected first. - Changes are limited to docs/config and don’t alter runtime behavior, but the newly added docs URLs in `.env.example` / `SECURITY.md` appear inconsistent with existing docs routes in the repo and may be dead links for users. - .env.example, SECURITY.md <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->