Audit fanout: console + file + audit_log + optional external sink

## Что это Каждый `logger.audit(event, payload)` call fanouts через sanitizer и emit на multiple sinks: 1. **Console** (dev only): structured JSON для local debug 2. **File**: `~/.rox/logs//.log` с rotation 100MB 3. **audit_log** (SQLite): для query API и hash-chain (E07 storage) 4. **External sink** (optional, enterprise): OTLP → Tempo/Datadog/Splunk; webhook → custom URL; S3 batched upload Sanitizer прогоняется ДО fanout: PII-маскирование, secret-stripping, payload-size truncation (>10KB → reference + content stored separately). Компоненты: `@rox-one/audit/fanout`, sink-adapters в `packages/audit/sinks/*`. T219 fanout spec. ## Зачем Single-sink (только file) ломает в production: file-rotation теряет events, query — grep на gigabytes, no real-time alerting. Fanout с pluggable sinks даёт каждой команде нужный backend без changes в emit-call sites. ## Источники вдохновения - [OneUptime/oneuptime](https://github.com/OneUptime/oneuptime) — structured logging fanout patterns - [Openpanel-dev/openpanel](https://github.com/Openpanel-dev/openpanel) — event ingestion с multi-sink - [Agenta-AI/agenta](https://github.com/Agenta-AI/agenta) — LLMOps audit + trace fanout ## 🔗 Linear - [PZD-413](https://linear.app/kuhjie/issue/PZD-413) — backing ticket