feat(frontend): UX review followups — primitives + a11y/UX fixes across 4 passes

New shared primitives:
- Toaster + toast-store, ConfirmSheet, Modal, focusTrap action,
  pullToRefresh action, avatarPalette + initials helper, Skeleton,
  HeartBurst, haptics, export-status store with onClearAuth hook

Critical UX/a11y:
- Replaced window.confirm with branded ConfirmSheet
- Focus management + Escape on every modal (PIN, Lightbox,
  Onboarding, ContextSheet, data-mode sheet, leave-confirm,
  HTML guide, host/admin ban + PIN-display modals)
- Sheet backdrops are real buttons with aria-label
- Silent ApiError catches now surface via global Toaster

Major polish:
- Dark-mode parity on HashtagChips + avatars (shared palette)
- Conditional Export tab in BottomNav (badge dot when ZIP ready)
- Back chevrons on /recover (history-aware) and /export
- Upload composer discard confirmation when content is staged
- Camera segmented Photo/Video shutter
- PIN auto-submit on 4th digit, paste-flash-free (controlled input)
- Welcome-back toast on /feed after PIN recovery

Minor:
- Skeleton states on feed; pull-to-refresh with live drag indicator
- Haptics on like / capture / submit / PIN-copy / onboarding complete
- Comment 500-char counter; quota "Fast voll" / "Limit erreicht" labels
- Onboarding pip ≥24px tap targets; long-press hint step
- overscroll-behavior lock on <html> while feed mounted
- teardownExportStatus wired via onClearAuth (covers 401 + explicit logout)
- ConfirmSheet per-instance titleId; Modal requires titleId or ariaLabel

Tests (7 new Playwright specs):
- 01-auth/pin-auto-submit, 01-auth/back-chevron
- 03-feed/confirm-sheet-delete, 03-feed/toast-on-failure
- 09-mobile/focus-trap, 09-mobile/sheet-escape,
  09-mobile/upload-cancel-confirm

FOLLOWUPS.md captures the deferred AT inert containment work
with acceptance criteria + implementation sketches.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

e2e/specs/01-auth/pin-auto-submit.spec.ts

@@ -0,0 +1,44 @@
+/**
+ * UX polish — PIN inputs auto-submit on the 4th digit. Both the inline
+ * recovery on /join (name-taken state) and the standalone /recover route
+ * share the same auto-submit pattern: a $effect watching `pin.length === 4`.
+ *
+ * Coverage:
+ *   - Inline recovery on /join: typing 4 digits navigates to /feed without
+ *     a tap on Anmelden.
+ *   - Standalone /recover: typing 4 digits navigates to /feed.
+ */
+import { test, expect } from '../../fixtures/test';
+import { JoinPage, RecoverPage } from '../../page-objects';
+import { clearAllStorage } from '../../helpers/storage-helpers';
+
+test.describe('Auth — PIN auto-submit', () => {
+  test('inline recovery: 4th digit auto-submits and navigates to /feed', async ({ page, guest }) => {
+    const original = await guest('AutoInline');
+    await clearAllStorage(page);
+
+    const join = new JoinPage(page);
+    await join.goto();
+    await join.fillName('AutoInline');
+    await join.submit();
+
+    // Name-taken state: type the PIN one digit at a time, do NOT click submit.
+    await expect(join.recoveryPinInput).toBeVisible();
+    await join.recoveryPinInput.pressSequentially(original.pin, { delay: 30 });
+
+    // Auto-submit must fire on the 4th digit.
+    await page.waitForURL('**/feed', { timeout: 5_000 });
+  });
+
+  test('/recover: 4th digit auto-submits when the name is already filled in', async ({ page, guest }) => {
+    const original = await guest('AutoRecover');
+    await clearAllStorage(page);
+
+    const recover = new RecoverPage(page);
+    await recover.goto();
+    await recover.nameInput.fill('AutoRecover');
+    await recover.pinInput.pressSequentially(original.pin, { delay: 30 });
+
+    await page.waitForURL('**/feed', { timeout: 5_000 });
+  });
+});