docs: add PR Review Fleet workflow README and design notes #27373

Open
tylerbutler wants to merge 1 commit into microsoft:main from tylerbutler:docs/pr-review-fleet-readme

@tylerbutler
Member

Adds two docs alongside the fleet review workflows in .github/workflows/:

  • pr-review-fleet.README.md — reference for the four workflows that compose the fleet review system (pr-review-auto-route, pr-review-confirm, pr-review-dispatch, pr-review-fleet). Covers triggers, permissions, sizing thresholds, end-to-end flows for both the auto-route and label paths, and per-workflow security invariants.
  • pr-review-fleet.design-notes.md — design discussion of pull_request vs pull_request_target as applied to this pipeline. Covers why the auto-router can safely run on pull_request_target (never checks out PR head), how the fleet workflow isolates the credentialed Copilot agent from git (no shell tools + persist-credentials: false + prompt loaded from base branch), output scrubbing as defense-in-depth, the actions: write requirement on the confirm workflow, and existing actor-permission checks.

Docs-only. No workflow behavior changes.
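
As an added illustration of two invariants the description names (a `pull_request_target` workflow that never checks out the PR head, and `persist-credentials: false` on checkout), here is a small text-level check. It is not code from this PR or repository: both workflow snippets are constructed, and `audit` is a hypothetical helper that uses line-based matching rather than a YAML parser.

```python
import re

# Constructed workflow snippets for illustration; not from the repository.
RISKY = """\
on:
  pull_request_target:
    types: [opened, reopened, synchronize]
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
"""
SAFE = """\
on:
  pull_request_target:
    types: [opened, reopened, synchronize]
permissions:
  contents: read
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4   # default ref is the base branch here
        with:
          persist-credentials: false
"""

# Expressions that resolve to contributor-controlled commits or branches.
HEAD_REF = re.compile(
    r"ref:\s*\$\{\{\s*github\.(?:event\.pull_request\.head\.(?:sha|ref)|head_ref)\s*\}\}")
NO_PERSIST = re.compile(r"persist-credentials:\s*['\"]?false\b")

def audit(workflow: str) -> list[str]:
    """Return findings for the two checkout invariants described above."""
    findings = []
    privileged = re.search(r"^\s*pull_request_target\s*:", workflow, re.M) is not None
    # Split on list-item starts so each chunk holds one step's keys.
    for step in re.split(r"(?m)^\s*-\s+", workflow)[1:]:
        if not re.match(r"uses:\s*actions/checkout@", step):
            continue
        if privileged and HEAD_REF.search(step):
            findings.append("pull_request_target job checks out PR head")
        if not NO_PERSIST.search(step):
            findings.append("checkout does not set persist-credentials: false")
    return findings
```

`audit(RISKY)` reports both findings and `audit(SAFE)` reports none; the head-ref finding is raised only when the workflow is triggered by `pull_request_target`.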

@tylerbutler tylerbutler marked this pull request as ready for review May 21, 2026 14:04
Copilot AI review requested due to automatic review settings May 21, 2026 14:04
@github-actions
Contributor

Hi! Thank you for opening this PR. Want me to review it?

Based on the diff (155 lines, 2 files), I've queued these reviewers:

  • Correctness — logic errors, race conditions, lifecycle issues
  • Security — vulnerabilities, secret exposure, injection
  • API Compatibility — breaking changes, release tags, type design
  • Performance — algorithmic regressions, memory leaks
  • Testing — coverage gaps, hollow tests

How this works

  • Adjust the reviewer set by ticking/unticking boxes above. Reviewer toggles alone don't trigger anything.

  • Tick Start review below to dispatch the review fleet.

  • After review finishes, tick Start review again to request another run — it auto-resets after each dispatch.

  • This comment updates as new commits land; your reviewer selections are preserved.

  • Start review

Contributor

Copilot AI left a comment

Pull request overview

Adds documentation alongside the PR Review Fleet GitHub Actions workflows to explain how the fleet system is triggered, routed, and secured (including the pull_request vs pull_request_target rationale and the credential/prompt-isolation invariants).

Changes:

  • Add a workflow reference README describing the four fleet workflows, their triggers/permissions, sizing thresholds, end-to-end flows, and security invariants.
  • Add design notes explaining the security tradeoffs of pull_request vs pull_request_target as applied to this pipeline.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| .github/workflows/pr-review-fleet.README.md | Reference documentation for the fleet review workflow system (triggers, permissions, flow, security invariants). |
| .github/workflows/pr-review-fleet.design-notes.md | Design/security notes for choosing pull_request vs pull_request_target in this pipeline. |


## 1. `pr-review-auto-route.yml` — Sizer + Proposal

- **Trigger:** `pull_request_target` on `opened` / `reopened` / `synchronize` (base branches `main`, `next`, `release/**`).
@github-actions
Contributor

🔗 No broken links found! ✅

Your attention to detail is admirable.

linkcheck output


> fluid-framework-docs-site@0.0.0 ci:check-links /home/runner/work/FluidFramework/FluidFramework/docs
> start-server-and-test "npm run serve -- --no-open" 3000 check-links

1: starting server using command "npm run serve -- --no-open"
and when url "[ 'http://127.0.0.1:3000' ]" is responding with HTTP status code 200
running tests using command "npm run check-links"


> fluid-framework-docs-site@0.0.0 serve
> docusaurus serve --no-open

[SUCCESS] Serving "build" directory at: http://localhost:3000/

> fluid-framework-docs-site@0.0.0 check-links
> linkcheck http://localhost:3000 --skip-file skipped-urls.txt

Crawling...

Stats:
  288859 links
    1925 destination URLs
    2175 URLs ignored
       0 warnings
       0 errors

