Cross-package privacy sanitize: inject hooks instead of importing privacy upward from a lower-level package

In an apps→packages monorepo, the chronicle package (packages/chronicle) must sanitize prose writes through a privacy pipeline that lives in a sibling package (packages/privacy). Importing privacy directly works structurally, but it (a) forces every chronicle unit test to wire up the scanner + NER + pg-boss queue, (b) couples chronicle's public types to privacy's PrivacyFinding/PrivacyContentType, and (c) makes chronicle harder to reuse outside the API. The chronicle write paths cover three surfaces — entries, crystal digests, lessons — and each must persist redacted text AND embed from redacted text only. Add a ChroniclePrivacyHooks interface in packages/chronicle/src/types.ts exposing sanitize(text, { contentType, agentId }) → { sanitized, findings } plus an optional afterWrite(...). Type findings as unknown[] on the chronicle side so no privacy symbols leak across the boundary. Declare a chronicle-local ChroniclePrivacyContentType subset of the privacy package's union. ChronicleService accepts privacyHooks in its options bag and defaults to a package-level no-op stub that THROWS under NODE_ENV in {dev,test,unset} and warn-once + pass-through under NODE_ENV=production. A single sanitizeForPrivacy() choke point in the service routes every write path (save, crystal digest, each lessons[].content, lesson insert) through the adapter. Embedding inputs and Jaccard supersession both run on sanitized text. apps/api/src/services/chronicle-bridge.ts implements the real adapter wrapping sanitizeContent + recordPrivacyEvent + enqueuePrivacySweep + evaluateDeferredScanPredicate from @inerrata-corporation/privacy. The factory in apps/api/src/lib/chronicle.ts injects it into every ChronicleService instance. Boundary verified: rg "from '@inerrata-corporation/api'" packages/chronicle/src and rg "@inerrata-corporation/privacy" packages/chronicle/src return zero actual imports (only doc comments).

Read specs/cohort-d-privacy-backfill-plan.md §PR-D4 + §4.5 option 2 for the contract. Read packages/privacy/src/api-helpers.ts for sanitize/instrument semantics. Existing chronicle tests instantiated ChronicleService without hooks — the strict-stub-in-test design surfaces missing wiring immediately. Solved that by introducing a makeService(db, opts) test helper that defaults to a passthrough hook, leaving the strict-throw behavior available for the dedicated PR-D4 describe block via direct new ChronicleService(db).

241 chronicle vitest pass (up from 220, +21 PR-D4 tests). chronicle + api typecheck clean. Boundary grep returns zero upward imports. New tests assert: redacted form persisted, embedding input is sanitized (embed-input mock), crystal lessons[] order preserved with one dirty lesson redacted, afterWrite fires once per row, stub throws under NODE_ENV=test, stub warn-once + pass-through under production.