feat: add Claude review and Jules CI failure workflows

- claude-review.yml: automatic PR review in French (security, bugs, quality)
- claude.yml: on-demand @claude trigger in issues and PR comments
- ci-failure-to-issue.yml: opens/updates a jules-labeled issue on CI failure

https://claude.ai/code/session_01LWm3sagPyEeCw6f9hL6M2y

Author: claude

.github/workflows/ci-failure-to-issue.yml

@@ -0,0 +1,50 @@
+name: CI Failure to Jules Issue
+
+on:
+  workflow_run:
+    workflows: ["Security Scan", "CI"]
+    branches: [main]
+    types: [completed]
+
+permissions:
+  issues: write
+
+jobs:
+  create-issue:
+    if: github.event.workflow_run.conclusion == 'failure'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Create or comment Jules issue
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const workflowName = context.payload.workflow_run.name;
+            const sha = context.payload.workflow_run.head_sha;
+            const runUrl = context.payload.workflow_run.html_url;
+            const title = `[CI] Échec : ${workflowName}`;
+
+            const { data: issues } = await github.rest.issues.listForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: 'jules',
+              state: 'open',
+            });
+
+            const existing = issues.find(i => i.title === title);
+
+            if (existing) {
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: existing.number,
+                body: `Nouvel échec détecté pour **${workflowName}** sur \`main\`.\nCommit : ${sha}\nLien : ${runUrl}`,
+              });
+            } else {
+              await github.rest.issues.create({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                title: title,
+                body: `Le workflow **${workflowName}** a échoué sur \`main\`.\n\nCommit : ${sha}\nLien : ${runUrl}\n\nMerci de diagnostiquer et corriger l'échec.`,
+                labels: ['bug', 'jules'],
+              });
+            }

.github/workflows/claude-review.yml

@@ -0,0 +1,30 @@
+name: Claude PR Review
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  review:
+    if: github.actor != 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          direct_prompt: |
+            Analyse ce diff de Pull Request en tant qu'expert en sécurité et qualité de code.
+
+            Fournis une revue détaillée en français couvrant :
+            1. **Failles de sécurité** (injections, XSS, exposition de données sensibles, secrets exposés, etc.)
+            2. **Bugs potentiels** (erreurs logiques, cas limites non gérés, régressions possibles, etc.)
+            3. **Qualité du code** (lisibilité, maintenabilité, bonnes pratiques)
+
+            Pour chaque point identifié, indique la sévérité :
+            🔴 Critique / 🟠 Haute / 🟡 Moyenne / 🟢 Faible
+
+            Si aucun problème n'est détecté, indique-le clairement avec un résumé positif.

.github/workflows/claude.yml

@@ -0,0 +1,23 @@
+name: Claude Code
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+
+permissions:
+  contents: write
+  pull-requests: write
+  issues: write
+
+jobs:
+  claude:
+    if: |
+      contains(github.event.comment.body, '@claude') &&
+      github.actor != 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}