Add an approval gate for auto-extracted memories

[romgenie]

Local source: coven-code/issues/10-add-approval-gate-for-auto-extracted-memories.md

Summary

Auto-extracted memories should not be written directly to durable memory in hosted mode. They should become reviewable candidates that can be accepted, edited, rejected, or expired.

Current Evidence

• SessionMemoryExtractor::persist appends extracted memories directly under ## Auto-extracted memories.
• query/src/lib.rs calls persist in a detached task after extraction.
• AutoDream consolidation suggests file changes with foreground user approval, but session extraction persistence does not use a comparable approval gate.

Problem

Direct persistence makes model extraction errors durable. Even trusted maintainer sessions can produce low-quality or overbroad memories. Hosted review needs a governance step.

Proposed Design

Introduce a memory candidate store:

memory-candidates/
  <candidate-id>.json

Each candidate should include:

• content
• category
• confidence
• provenance
• trust level
• proposed scope
• proposed visibility
• suggested expiry
• status: pending, approved, rejected, expired

Add CLI/API operations to approve or reject candidates.

Acceptance Criteria

• Hosted mode writes memory candidates, not durable memory, by default.
• Local mode can keep current direct persistence unless configured otherwise.
• Candidates can be approved into durable memory.
• Candidates can be rejected with a reason.
• Tests verify candidate creation and approval promotion.
• Documentation covers review workflow for learned memory.

Product Notes

The GitHub App dashboard should surface pending memory candidates per repo and show where each candidate came from.