fix: add hard gates for manual docker build bypass and intake skipping

Post-mortem from website agent session that manually built/pushed Docker
images instead of using existing Woodpecker CI pipelines. Root cause:
agent skipped E2E intake because the task "felt simple."

AGENTS.md hard gates 10-12:
- Manual docker build/push FORBIDDEN when CI pipelines exist
- MUST check for pipeline config before any build/deploy action
- Load order and intake are NOT conditional on task complexity

E2E-DELIVERY.md:
- Complexity trap warning on intake section
- Mandatory deployment surface check (step 3) with pipeline discovery
- Expanded forbidden anti-patterns with Build/Deploy section

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

AGENTS.md

@@ -34,6 +34,9 @@ If any required file is missing, you MUST stop and report the missing file.
 7. For issue/PR/milestone operations, you MUST use Mosaic wrappers first (`~/.config/mosaic/tools/git/*.sh`).
 8. If any required wrapper command fails, status is `blocked`; report the exact failed wrapper command and stop.
 9. Do NOT stop at "PR created". Do NOT ask "should I merge?" Do NOT ask "should I close the issue?".
+10. Manual `docker build` / `docker push` for deployment is FORBIDDEN when CI/CD pipelines exist in the repository. CI is the ONLY canonical build path for container images.
+11. Before ANY build or deployment action, you MUST check for existing CI/CD pipeline configuration (`.woodpecker/`, `.woodpecker.yml`, `.github/workflows/`, etc.). If pipelines exist, use them — do not build locally.
+12. The mandatory load order and intake procedure are NOT conditional on perceived task complexity. A "simple" commit-push-deploy task has the same procedural requirements as a multi-file feature. Skipping intake because a task "seems simple" is the most common framework violation.
 
 ## Non-Negotiable Operating Rules