v0.1 — backend bones + ingredient sterilizer

LAN-only Flask API that consumes Mealie (source of truth for recipes / plans
/ lists) and clawdforge (centralized claude -p runner) to do AI work.

v0.1 surface:
  GET  /healthz                          liveness + clawdforge upstream
  GET  /api/recipes                      proxy Mealie recipe list
  POST /api/sterilize/preview/<slug>     dry-run AI parse, return proposals
  POST /api/sterilize/apply/<slug>       write parses back to Mealie

Why sterilizer first: Mealie's CRF parser is mediocre and Cobb's hand-typed
recipes have lots of free-form ingredient strings ("about 2 cups cooked
white rice", "a pinch of salt") that don't aggregate cleanly into a
shopping list. We batch all ingredients of one recipe into a single Sonnet
call via clawdforge, get back parallel structured parses, then on apply
link each to Mealie food/unit records (creating missing by name) and PUT
the recipe back. Preview is non-destructive.

No UI in v0.1 — bearer-auth API only. Frontend + Authentik OIDC + Abby's
swamp/meadow/forest palette arrives in v0.2.

Auth: simple shared bearer in env (ADMIN_BEARER) until OIDC lands. LAN-only
deploy means the bearer is the only gate; no public exposure.

Stack: python:3.12-slim + Flask 3 + gunicorn + requests. No DB in v0.1.

requirements.txt

@@ -0,0 +1,3 @@
+Flask==3.0.3
+requests==2.32.3
+gunicorn==23.0.0