security: use bootstrap key in manifest, add .tmp cache cleanup

- manifest.webmanifest/+server.ts: swap PUBLIC_AE_API_SECRET_KEY →
  PUBLIC_AE_BOOTSTRAP_KEY (least privilege; endpoint only needs a
  site-domain lookup, same as the bootstrap use case)
- electron_relay.ts: add cleanup_tmp_files() — runs `find ... -name
  "*.tmp" -mmin +N -delete` via native run_cmd bridge
- launcher_background_sync.svelte: call cleanup_tmp_files() on mount
  when is_native && cache_root are present (once per startup)
- AE__Permissions_and_Security.md: close Sev-1 audit language
- TODO__Agents.md: mark PUBLIC_AE_API_SECRET_KEY audit as complete

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

documentation/AE__Permissions_and_Security.md

@@ -118,8 +118,10 @@ Returns `1` if `level_a` is higher, `-1` if lower, `0` if equal. Useful for thre
 - Never expose journal content publicly.
 
 ### `PUBLIC_AE_API_SECRET_KEY`
-- Ongoing Sev-1 audit. Do not introduce new usages.
-- Prefer per-request API key headers (`x-aether-api-key` + `x-account-id`).
+- Audit closed 2026-03-11. `PUBLIC_*` prefix is by design — key is always in the client bundle.
+- Anonymous site-domain lookup uses the limited-permission `PUBLIC_AE_BOOTSTRAP_KEY` instead.
+- Security model: API key is one layer; JWT + `x-account-id` scoping provides the primary auth.
+- Do not introduce new usages. Prefer `PUBLIC_AE_BOOTSTRAP_KEY` for unauthenticated lookups.
 
 ### Email Display
 Non-trusted users must never see a full email address. Obscure using: