Adds the Phase 1 design spec for the polymorphic typed-item rewrite (Login, SecureNote, Identity, Card, Key, Document, TOTP — with sections, custom fields, attachments, password history, and the security architecture from the audit baked in from day one). Also adds the initial full-codebase security audit that informs both Phase 0 remediation and Phase 1 design.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>