feat: implement 8 OpenSpec proposals for security, reliability, and UX improvements

## Security Enhancements (P0)
- Add input validation with max_length and numeric range constraints
- Implement WebSocket token authentication via first message
- Add path traversal prevention in file storage service

## Permission Enhancements (P0)
- Add project member management for cross-department access
- Implement is_department_manager flag for workload visibility

## Cycle Detection (P0)
- Add DFS-based cycle detection for task dependencies
- Add formula field circular reference detection
- Display user-friendly cycle path visualization

## Concurrency & Reliability (P1)
- Implement optimistic locking with version field (409 Conflict on mismatch)
- Add trigger retry mechanism with exponential backoff (1s, 2s, 4s)
- Implement cascade restore for soft-deleted tasks

## Rate Limiting (P1)
- Add tiered rate limits: standard (60/min), sensitive (20/min), heavy (5/min)
- Apply rate limits to tasks, reports, attachments, and comments

## Frontend Improvements (P1)
- Add responsive sidebar with hamburger menu for mobile
- Improve touch-friendly UI with proper tap target sizes
- Complete i18n translations for all components

## Backend Reliability (P2)
- Configure database connection pool (size=10, overflow=20)
- Add Redis fallback mechanism with message queue
- Add blocker check before task deletion

## API Enhancements (P3)
- Add standardized response wrapper utility
- Add /health/ready and /health/live endpoints
- Implement project templates with status/field copying

## Tests Added
- test_input_validation.py - Schema and path traversal tests
- test_concurrency_reliability.py - Optimistic locking and retry tests
- test_backend_reliability.py - Connection pool and Redis tests
- test_api_enhancements.py - Health check and template tests

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

openspec/specs/automation/spec.md

@@ -98,6 +98,43 @@
 - **THEN** 系統篩選 due_date >= 下週一 且 < 下週日
 - **AND** 排除已完成狀態的任務
 
+### Requirement: Formula Field Cycle Prevention
+The system SHALL detect and prevent circular references in custom field formulas to avoid infinite calculation loops.
+
+#### Scenario: Formula self-reference rejected
+- **WHEN** user creates a formula field that references itself
+- **THEN** system rejects with 400 Bad Request
+- **THEN** error message indicates self-reference is not allowed
+
+#### Scenario: Formula circular reference chain rejected
+- **WHEN** user creates formula where Field A references Field B and Field B references Field A
+- **THEN** system rejects with 400 Bad Request
+- **THEN** error message includes the reference cycle path
+
+#### Scenario: Valid formula references accepted
+- **WHEN** user creates formula referencing other fields without cycles
+- **THEN** system saves the formula and calculates values correctly
+
+### Requirement: Trigger Execution Retry
+The system SHALL retry failed trigger executions with exponential backoff to handle transient failures.
+
+#### Scenario: Trigger succeeds after retry
+- **WHEN** trigger execution fails due to transient error
+- **THEN** system retries after 1 second delay
+- **WHEN** retry succeeds
+- **THEN** trigger is marked as successful in execution log
+
+#### Scenario: Trigger exhausts retries
+- **WHEN** trigger execution fails 3 consecutive times
+- **THEN** system marks trigger execution as permanently failed
+- **THEN** system sends alert notification to system administrators
+- **THEN** execution log contains all retry attempts with error details
+
+#### Scenario: Non-retryable error
+- **WHEN** trigger fails with validation or permission error (4xx)
+- **THEN** system does not retry and marks as failed immediately
+- **THEN** error is logged with appropriate categorization
+
 ## Data Model
 
 ```