docs: update README and CLAUDE.md for current feature set

Add Grype/Snyk to supported formats, settings route, filter bar
component, accent theming. Fix dark mode description.

CLAUDE.md

@@ -53,6 +53,7 @@ Dark-mode-only SOC dashboard shell with collapsible sidebar (52px collapsed / 18
 | `/findings` | `FindingLive.Index` | Finding list (Flop) + inline triage actions |
 | `/assets` | `AssetLive.Index` | Asset inventory (Flop) |
 | `/assets/:id` | `AssetLive.Show` | Asset detail + metadata + findings |
+| `/settings` | `SettingsLive` | Accent theming preferences (persisted in localStorage) |
 
 ### Frontend
 
@@ -62,9 +63,10 @@ Dark-mode-only SOC dashboard shell with collapsible sidebar (52px collapsed / 18
 - **Severity badges** — 3-letter labels (CRT/HI/MED/LOW) with `font-mono text-xxs` and colored border/bg. Finding status badges use short labels (Open/Ack/Fixed/FP).
 - **Flop / Flop.Phoenix** — filtering, sorting, pagination for all list pages. Schemas derive `Flop.Schema` with filterable/sortable fields.
 - **esbuild** — bundles `assets/js/app.js` -> `priv/static/assets/js/app.js`. JS deps go in `assets/vendor/` and are imported from `app.js`.
-- **Colocated hooks** — LiveView JS hooks use `phoenix-colocated` pattern, imported in `app.js`. Custom hooks (`Sidebar`, `StatusBar`) are defined in `app.js` and merged with colocated hooks.
+- **Colocated hooks** — LiveView JS hooks use `phoenix-colocated` pattern, imported in `app.js`. Custom hooks (`Sidebar`, `StatusBar`, `Settings`, `FilterBar`) are defined in `app.js` and merged with colocated hooks.
 - Only `app.js` and `app.css` bundles exist. Vendor JS deps must be imported into `app.js`. Google Fonts loaded via `<link>` in root layout (exception for web fonts).
-- **Shared components** in `CoreComponents`: `stat_card/1`, `severity_badge/1`, `scan_status/1`, `finding_status_badge/1`. Used across all pages.
+- **Shared components** in `CoreComponents`: `stat_card/1`, `severity_badge/1`, `scan_status/1`, `finding_status_badge/1`, `filter_bar/1`. Used across all pages.
+- **Filter bars** — cmd+K styled search + quick-filter pills on vulnerabilities (severity), findings (status), and assets (type) pages. `FilterBar` JS hook enables keyboard shortcut. Accent theming via `data-accents` attribute on `<body>`, controlled by `Settings` hook with localStorage persistence.
 
 ### Key conventions
 

README.md

@@ -6,12 +6,12 @@ Built with Phoenix 1.8, LiveView 1.1, PostgreSQL, and Oban.
 
 ## Features
 
-- **Multi-format ingestion** — Upload Trivy JSON, SARIF, or CycloneDX reports. Auto-detects format and tool.
+- **Multi-format ingestion** — Upload Trivy JSON, SARIF, CycloneDX, Grype, and Snyk reports. Auto-detects format and tool.
 - **Async processing** — Oban workers parse artifacts in the background with retry support.
 - **Real-time updates** — PubSub broadcasts push scan status and finding changes to all connected clients.
 - **Triage workflow** — Acknowledge, resolve, or mark findings as false positives inline.
-- **Flop-powered tables** — Sortable, paginated tables across all list views.
-- **Dark mode** — System, light, and dark theme toggle with zinc/slate palette.
+- **Flop-powered tables** — Sortable, filterable, paginated tables across all list views with cmd+K filter bars and quick-filter pills.
+- **Dark-mode SOC aesthetic** — Zinc palette with optional accent theming. Inter for UI, JetBrains Mono for technical data.
 
 ## Getting Started
 
@@ -93,6 +93,7 @@ Upload → `Scan` record (pending) → Oban `ParseJob` → Detector identifies t
 | `/findings` | `FindingLive.Index` | Finding list + triage |
 | `/assets` | `AssetLive.Index` | Asset inventory |
 | `/assets/:id` | `AssetLive.Show` | Asset detail + findings |
+| `/settings` | `SettingsLive` | Accent theming preferences |
 
 ## License