ci: bump reviewer max-turns and add selective-read rule for large PRs

[lxcong]

Summary

Fixes two issues with the Claude reviewer observed on PR #11 (73-file archive removal):

1. Max-turns exhausted: --max-turns 8 was enough for small PRs but ran out on a 73-file diff. Bumped to 20.
2. Mandatory "Read each file" rule: for large PRs this is token-wasteful and unnecessary. Changed to selective: Read-each for PRs ≤15 files; diff-only for PRs >15 files (with escape hatch to Read if a suspected Critical finding needs context).

Also added an explicit skip list: skills/agentkey/references/, lock files, generated/vendored content — never Read those, they're noise.

Expected behavior (this PR's own review)

This PR is 1 file, 12/5 line change. Should trigger STEP 2's Read-each path. Should post ✅ No issues found within ~3 turns.

Test plan

• YAML valid
• Does NOT touch archive/** (rule still in effect — good)
• Claude reviewer comments on this PR, passes within budget
• Future large PRs (>15 files) get a "Large PR — diff-only review" comment

Note

Because this PR modifies .github/workflows/claude-pr-review.yml, Claude Code GitHub App's security mechanism will refuse to run the reviewer on it (workflow diff-from-main guard). Expect review check to fail with "Workflow validation failed" — that's the security feature working, not a real failure. Merging anyway; from next PR onward the tuned version takes effect.