docs: fix markdown formatting and improve git hook security

- Fix markdown list spacing (MD030) in performance, audit logs, and CSP docs
- Remove ineffective while loop in commit-msg hook that caused subshell issues
- Improve fetchWithRetry function with proper retry limits and exponential backoff
- Update CSP metrics retention documentation for consistency

.husky/commit-msg

@@ -6,36 +6,7 @@
 commit_msg_file="$1"
 commit_msg=$(cat "$commit_msg_file")
 
-# Define patterns that should be rejected
-claude_patterns="🤖 Generated with.*Claude Code
-Generated with.*Claude Code
-Claude Code
-claude.ai/code
-Co-Authored-By: Claude
-noreply@anthropic.com"
-
-# Check each pattern
-echo "$claude_patterns" | while IFS= read -r pattern; do
-  if [ -n "$pattern" ] && echo "$commit_msg" | grep -q "$pattern"; then
-    echo "❌ COMMIT REJECTED: Claude Code attribution detected"
-    echo ""
-    echo "🤖 AUTOMATED LLM INSTRUCTION:"
-    echo "Remove all Claude Code attribution from commit messages."
-    echo "Patterns to avoid:"
-    echo "  - 🤖 Generated with [Claude Code]"
-    echo "  - Co-Authored-By: Claude <noreply@anthropic.com>"
-    echo "  - References to claude.ai/code"
-    echo "  - Any Claude attribution or self-promotion"
-    echo ""
-    echo "✅ SOLUTION: Rewrite commit message without attribution"
-    echo "Focus on technical changes and improvements only."
-    echo ""
-    echo "Current commit message contains: '$pattern'"
-    exit 1
-  fi
-done
-
-# Check if any pattern matched (the while loop runs in a subshell)
+# Check for Claude Code attribution patterns
 if echo "$commit_msg" | grep -E -q "(🤖.*Generated.*Claude|Claude Code|claude\.ai/code|Co-Authored-By:.*Claude|noreply@anthropic\.com)"; then
   echo "❌ COMMIT REJECTED: Claude Code attribution detected"
   echo ""

docs/admin-audit-logs-api.md

@@ -349,13 +349,18 @@ try {
 ### Rate-Limiting Handling
 
 ```javascript
-async function fetchWithRetry(url, options = {}) {
+async function fetchWithRetry(url, options = {}, maxRetries = 3, retryCount = 0) {
   const response = await fetch(url, options);
   
+  if (response.status === 429 && retryCount < maxRetries) {
+    // Rate limited, wait with exponential backoff and retry
+    const delay = Math.pow(2, retryCount) * 1000; // 1s, 2s, 4s
+    await new Promise(resolve => setTimeout(resolve, delay));
+    return fetchWithRetry(url, options, maxRetries, retryCount + 1);
+  }
+  
   if (response.status === 429) {
-    // Rate limited, wait and retry
-    await new Promise(resolve => setTimeout(resolve, 5000));
-    return fetchWithRetry(url, options);
+    throw new Error(`Rate limited after ${maxRetries} retries`);
   }
   
   return response;

docs/csp-metrics-api.md

@@ -411,7 +411,7 @@ CSP_ALERT_THRESHOLD=5              # violations per 10 minutes
 
 ### Memory Management
 
--   **Violation buffer** limited to 1 hour of data in memory
+  - **Violation buffer** limited to 7 days of data in memory
   - **Automatic cleanup** runs every 100 requests (1% probability)
   - **Efficient storage** using Map data structures