feat: P1 보안/성능 개선 및 마이그레이션 자동화

Security fixes:
- migrate.ts: SQL/Command Injection 방지 (spawnSync 사용)
- migrate.ts: Path Traversal 검증 추가
- api-tester.ts: API 키 마스킹 (4자만 노출)
- api-tester.ts: 최소 16자 키 길이 검증
- cache.ts: ReDoS 방지 (패턴 길이/와일드카드 제한)

Performance improvements:
- cache.ts: 순차 삭제 → 병렬 배치 처리 (50개씩)
- cache.ts: KV 등록 fire-and-forget (non-blocking)
- cache.ts: 메모리 제한 (5000키)
- cache.ts: 25초 실행 시간 가드
- cache.ts: 패턴 매칭 prefix 최적화

New features:
- 마이그레이션 자동화 시스템 (scripts/migrate.ts)
- KV 기반 캐시 인덱스 (invalidatePattern, clearAll)
- 글로벌 CacheService 싱글톤

Other:
- .env.example 추가, API 키 환경변수 처리
- CACHE_TTL.RECOMMENDATIONS (10분) 분리
- e2e-tester.ts JSON 파싱 에러 핸들링 개선

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

migrations/000_migration_history.sql

@@ -0,0 +1,34 @@
+-- Migration 000: Migration History Tracking
+-- Description: Creates table to track which migrations have been applied
+-- Date: 2026-01-25
+-- Author: Claude Code
+
+-- ============================================================
+-- Table: migration_history
+-- Purpose: Track applied database migrations
+-- ============================================================
+
+CREATE TABLE IF NOT EXISTS migration_history (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  migration_name TEXT NOT NULL UNIQUE,      -- e.g., "002_add_composite_indexes"
+  applied_at TEXT NOT NULL DEFAULT (datetime('now')),
+  execution_time_ms INTEGER,                -- Time taken to execute
+  success INTEGER NOT NULL DEFAULT 1,       -- 0=failed, 1=succeeded
+  error_message TEXT,                       -- Error details if failed
+  checksum TEXT                             -- Future: file content hash for validation
+);
+
+-- Index for quick lookup of applied migrations
+CREATE INDEX IF NOT EXISTS idx_migration_history_name
+  ON migration_history(migration_name);
+
+-- Index for status queries
+CREATE INDEX IF NOT EXISTS idx_migration_history_success
+  ON migration_history(success);
+
+-- ============================================================
+-- Notes
+-- ============================================================
+-- This table is created first (000) to track all subsequent migrations.
+-- Safe to re-run: uses IF NOT EXISTS for idempotency.
+-- Migrations are tracked by filename without .sql extension.

migrations/README.md

@@ -2,7 +2,43 @@
 
 This directory contains SQL migration files for database schema changes.
 
-## Migration Files
+## Automated Migration System
+
+The project uses an **automated migration tracking system** that:
+- ✅ Automatically detects and runs unapplied migrations
+- ✅ Tracks migration history in the database
+- ✅ Executes migrations in numerical order
+- ✅ Safe to run multiple times (idempotent)
+- ✅ Records execution time and errors
+
+### Quick Start
+
+```bash
+# Check migration status
+npm run db:migrate:status
+
+# Run all pending migrations (local)
+npm run db:migrate
+
+# Run all pending migrations (remote)
+npm run db:migrate:remote
+```
+
+### Migration Files
+
+All migration files are named with a numeric prefix for ordering:
+- `000_migration_history.sql` - Creates migration tracking table (always runs first)
+- `002_add_composite_indexes.sql` - Query performance optimization
+- `003_add_retail_pricing.sql` - Add retail pricing columns
+- `004_anvil_tables.sql` - Anvil-branded product tables
+
+## Migration Details
+
+### 000_migration_history.sql
+**Date**: 2026-01-25
+**Purpose**: Create migration tracking system
+- Creates `migration_history` table to track applied migrations
+- Records execution time, success/failure status, and error messages
 
 ### 002_add_composite_indexes.sql
 **Date**: 2026-01-21
@@ -18,16 +54,45 @@ This directory contains SQL migration files for database schema changes.
 - Improves JOIN performance between instance_types, pricing, and regions tables
 - Enables efficient ORDER BY on hourly_price without additional sort operations
 
+### 003_add_retail_pricing.sql
+**Date**: 2026-01-23
+**Purpose**: Add retail pricing fields to all pricing tables
+- Adds `hourly_price_retail` and `monthly_price_retail` columns
+- Backfills existing data with 1.21x markup
+
+### 004_anvil_tables.sql
+**Date**: 2026-01-25
+**Purpose**: Create Anvil-branded product tables
+- `anvil_regions` - Anvil regional datacenters
+- `anvil_instances` - Anvil instance specifications
+- `anvil_pricing` - Anvil retail pricing with cost tracking
+- `anvil_transfer_pricing` - Data transfer pricing
+
 ## Running Migrations
 
-### Local Development
+### Automated (Recommended)
+
 ```bash
-npm run db:migrate
+# Check current status
+npm run db:migrate:status              # Local database
+npm run db:migrate:status:remote       # Remote database
+
+# Run all pending migrations
+npm run db:migrate                     # Local database
+npm run db:migrate:remote              # Remote database
 ```
 
-### Production
+### Manual (Backward Compatibility)
+
+Individual migration scripts are still available:
+
 ```bash
-npm run db:migrate:remote
+npm run db:migrate:002                 # Local
+npm run db:migrate:002:remote          # Remote
+npm run db:migrate:003                 # Local
+npm run db:migrate:003:remote          # Remote
+npm run db:migrate:004                 # Local
+npm run db:migrate:004:remote          # Remote
 ```
 
 ## Migration Best Practices