Implement Bootstrap Paradox resolution for V3 site domain lookup

- Modified lookup_site_domain_v3 to strictly strip auth headers for guest lookup
- Enhanced /testing page with FQDN input and improved error visibility
- Updated TODO.md with Technical Debt refactoring roadmap
- Documented Unified Aether AI Agent (UE-AE-01) transition progress in GEMINI.md

src/lib/ae_core/ae_core__site.ts

@@ -110,8 +110,7 @@ export async function lookup_site_domain({
     return null;
 }
 
-// Updated 2026-01-06
-// Updated 2026-01-06
+// Updated 2026-01-07
 export async function lookup_site_domain_v3({
     api_cfg,
     fqdn,
@@ -127,6 +126,28 @@ export async function lookup_site_domain_v3({
         console.log(`*** lookup_site_domain_v3() *** fqdn=${fqdn}`);
     }
 
+    // CRITICAL: For the unauthenticated Bootstrap lookup, we must NOT send 
+    // any existing auth tokens or account IDs that might be in the global config.
+    const guest_api_cfg = { ...api_cfg };
+    guest_api_cfg.headers = { ...api_cfg.headers };
+    
+    const auth_props = [
+        'x-account-id', 
+        'x-aether-api-token', 
+        'Authorization', 
+        'authorization', 
+        'jwt', 
+        'JWT'
+    ];
+    
+    auth_props.forEach(prop => {
+        delete guest_api_cfg.headers[prop];
+        delete guest_api_cfg.headers[prop.toLowerCase()];
+        delete guest_api_cfg.headers[prop.replaceAll('-', '_')];
+    });
+    delete guest_api_cfg.jwt;
+    delete guest_api_cfg.account_id;
+
     const search_query = {
         q: fqdn
     };
@@ -134,7 +155,7 @@ export async function lookup_site_domain_v3({
     // We use search because we are looking up by a unique field (fqdn) rather than ID.
     // The backend should return a list, but since FQDN is unique, it will have 1 item.
     const result_li = await api.search_ae_obj_v3({
-        api_cfg,
+        api_cfg: guest_api_cfg,
         obj_type: 'site_domain',
         search_query,
         view, // This view should ideally join with site and account for the root lookup