docs: remove admin SPA references and update production URLs

The admin SPA (apps/admin/) has been retired. Its functionality now
lives in apps/app/ under /platform/* routes for super_admin users.
Updated all documentation to reflect: 2 SPAs instead of 3, removed
FRONTEND_ADMIN_URL/port 5173 references, changed production URL from
app.crewli.app to crewli.app. Retired admin-specific security audit
findings (A13-2, A13-4, A13-5, A13-7) and APPS-01 backlog item.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.cursor/rules/001_workspace.mdc

@@ -123,8 +123,7 @@ crewli/
 | Service | URL | Env Variable |
 |---------|-----|--------------|
 | API | `http://localhost:8000/api/v1` | - |
-| Admin SPA | `http://localhost:5173` | `FRONTEND_ADMIN_URL` |
-| Organizer SPA | `http://localhost:5174` | `FRONTEND_APP_URL` |
+| Organizer + Admin SPA | `http://localhost:5174` | `FRONTEND_APP_URL` |
 | Portal SPA | `http://localhost:5175` | `FRONTEND_PORTAL_URL` |
 | MySQL | `localhost:3306` | - |
 | Redis | `localhost:6379` | - |
@@ -137,12 +136,11 @@ crewli/
 | Service | URL | Env variable |
 |---------|-----|--------------|
 | API | `https://api.crewli.app` | `APP_URL` |
-| Admin SPA | `https://admin.crewli.app` | `FRONTEND_ADMIN_URL` |
-| Organizer SPA | `https://app.crewli.app` | `FRONTEND_APP_URL` |
+| Organizer + Admin SPA | `https://crewli.app` | `FRONTEND_APP_URL` |
 | Portal SPA | `https://portal.crewli.app` | `FRONTEND_PORTAL_URL` |
 
 ### CORS
-Three frontend origins configured in `config/cors.php` via env variables. Each Vite dev server gets its own port for CORS isolation. In production, set the same env vars to the `https://…` origins above (see `api/.env.example`).
+Two frontend origins configured in `config/cors.php` via env variables. Each Vite dev server gets its own port for CORS isolation. In production, set the same env vars to the `https://...` origins above (see `api/.env.example`).
 
 ## Git Conventions
 

.cursor/rules/101_vue.mdc

@@ -18,15 +18,12 @@ alwaysApply: true
 
 ## App-Specific Rules
 
-### `apps/admin/` (Super Admin)
-- Full Vuexy template unchanged (sidebar, dark mode, customizer)
-- Minimal modifications needed
-
-### `apps/app/` (Organizer - Main App)
+### `apps/app/` (Organizer + Platform Admin - Main App)
 - Sidebar nav customized for Crewli structure
 - Remove Vuexy demo/customizer components
 - Full Vuetify component usage
 - 90% of development work happens here
+- Super admin functionality under `/platform/*` routes for `super_admin` users
 
 ### `apps/portal/` (External Portal)
 - Stripped Vuexy: no sidebar, no customizer, no dark mode toggle

.cursor/rules/102_multi_tenancy.mdc

@@ -189,14 +189,13 @@ class PortalTokenMiddleware
 ```php
 // config/cors.php
 'allowed_origins' => [
-    env('FRONTEND_ADMIN_URL', 'http://localhost:5173'),
     env('FRONTEND_APP_URL', 'http://localhost:5174'),
     env('FRONTEND_PORTAL_URL', 'http://localhost:5175'),
 ],
 'supports_credentials' => true,
 ```
 
-Production example (subdomains on **crewli.app**): `FRONTEND_ADMIN_URL=https://admin.crewli.app`, `FRONTEND_APP_URL=https://app.crewli.app`, `FRONTEND_PORTAL_URL=https://portal.crewli.app`, and `SANCTUM_STATEFUL_DOMAINS=admin.crewli.app,app.crewli.app,portal.crewli.app`.
+Production example (subdomains on **crewli.app**): `FRONTEND_APP_URL=https://crewli.app`, `FRONTEND_PORTAL_URL=https://portal.crewli.app`, and `SANCTUM_STATEFUL_DOMAINS=crewli.app,portal.crewli.app`.
 
 ## Shift Claiming & Approval Flow