feat: add audit database and safer image review

src/app/api/character/cleanup/route.ts

@@ -1,4 +1,5 @@
 import { NextResponse } from 'next/server';
+import { recordEvent } from '@/lib/auditDb';
 import { buildCharacterSpec, cleanupCharacterAnchor } from '@/lib/packGenerator';
 import { loadSession, saveSession } from '@/lib/storage';
 import type { CleanupCharacterRequest, CleanupCharacterResponse } from '@/lib/types';
@@ -20,12 +21,22 @@ export async function POST(req: Request) {
   if (!sourceImage) return NextResponse.json({ error: 'image not found' }, { status: 404 });
 
   try {
+    recordEvent({ action: 'character.cleanup_started', sessionId, targetType: 'image', targetId: imageId, status: 'started', metadata: { force, preserveLevel } });
     const characterSpec = session.characterSpec?.sourceImageId === imageId
       ? session.characterSpec
       : await buildCharacterSpec(session, sourceImage);
     const cleaned = await cleanupCharacterAnchor({ session, sourceImage, characterSpec, force, preserveLevel });
     session.characterSpec = cleaned.characterSpec;
     await saveSession(session);
+    recordEvent({
+      action: 'character.cleanup_completed',
+      sessionId,
+      targetType: 'image',
+      targetId: imageId,
+      status: 'ok',
+      provider: cleaned.provider,
+      metadata: { preserveLevel, cleanReferenceImageUrl: cleaned.cleanReferenceImageUrl },
+    });
 
     return NextResponse.json({
       characterSpec: cleaned.characterSpec,
@@ -33,6 +44,7 @@ export async function POST(req: Request) {
       provider: cleaned.provider,
     } satisfies CleanupCharacterResponse);
   } catch (error) {
+    recordEvent({ action: 'character.cleanup_failed', sessionId, targetType: 'image', targetId: imageId, status: 'error', message: String(error) });
     return NextResponse.json({ error: String(error) }, { status: 500 });
   }
 }