ci: add step-security/harden-runner to npm publish workflow

The npm publish job is the highest-value target in this repo's CI:
it has `id-token: write` for OIDC trusted publishing against the npm
registry and runs against a checkout of `main`. A compromised dep
introduced anywhere in the package graph could exfiltrate the OIDC
token in the window it is valid, or quietly tamper with the build
output before publish.

Adds `step-security/harden-runner` in `audit` mode as the first step
of the publish job. Audit mode does not block egress; it captures
every outbound connection and surfaces anomalies in the Step Security
Insights dashboard. This is intentionally the conservative initial
posture — we get observability without risking a broken publish from
an incomplete allow-list. A follow-up should promote `egress-policy`
to `block` with an explicit `allowed-endpoints` list once we have
one or two real publish runs to baseline against.

Pinned to v2.19.3 (ab7a9404c0f3da075243ca237b5fac12c98deaa5).

Co-authored-by: Agent <279763771+playpen-agent@users.noreply.github.com>
Teffen Ellis
2026-05-19 13:35:07 +02:00
parent bc3c12aec0
commit 8f67f8f564
@@ -32,6 +32,16 @@ jobs:
- packages/logger-js
- packages/esbuild-plugin-live-reload
steps:
# Network observability for the highest-value job in this repo: it
# exchanges an OIDC token for an npm publish credential and has read
# access to a checkout of main. `audit` mode logs every outbound
# connection and surfaces anomalous egress in the Step Security
# Insights dashboard; promotion to `block` with an explicit
# allowed-endpoints list should follow once we have one or two real
# publish runs to baseline against.
- uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
with:
fetch-depth: 2
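Review bot: The promotion to `egress-policy: block` is recorded only in the comment above the `step-security/harden-runner` step, so nothing tracks it and the job can stay in `audit` indefinitely, where an unexpected outbound connection during publish is logged but not stopped. Suggest ending the comment with a TODO that references a tracking issue for the `block` / `allowed-endpoints` change, and shortening the rest of the comment, which repeats the commit message almost verbatim. The context lines above `steps:` list more than one package, so the baseline for the allow-list should come from a publish run of each listed package, not from a single run.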