feat(backend): add conversation export and import API (#1808)

[mrveiss]

Summary

• Add services/conversation_export.py: JSON and Markdown single-session export, bulk JSON archive, JSON import with skip/replace/rename conflict resolution
• Add api/conversation_export.py: GET /conversations/{id}/export?format=json|markdown, GET /conversations/export-all, POST /conversations/import
• Register as optional feature router in feature_routers.py

Closes #1808

Test plan

• Export single conversation as JSON — verify structure and metadata
• Export single conversation as Markdown — verify human-readable format
• Export all conversations — verify bulk archive
• Import JSON — verify round-trip fidelity
• Import duplicate with skip/replace/rename conflict modes

🤖 Generated with Claude Code

At a high level, we should ensure that user-controlled session_id cannot produce arbitrary filenames even within the trusted chats_directory. The simplest robust fix is to sanitize or validate session_id locally in _load_full_session_data and reject values that contain characters which could change the intended naming pattern (path separators, traversal sequences, wildcards, etc.). This is in addition to the existing validate_relative_path protection, giving a clear guarantee that only simple, expected session IDs are used to construct filenames.

Best targeted fix without changing existing functionality:

• Inside _load_full_session_data (in autobot-backend/services/conversation_export.py), before constructing filename_template, normalize and validate the session_id.
• Enforce a strict pattern for session_id at this layer, for example allowing only ASCII letters, digits, underscore, and hyphen. This matches typical session or UUID formats and should not break legitimate usage.
• If session_id fails this check, log a warning and return None (behaving as “session not found”), so the API continues to raise a ResourceNotFoundError as it already does when _load_full_session_data returns None.
• Implement the check using the standard library only (e.g., re), to avoid new dependencies.

Concretely:

• Add import re at the top of autobot-backend/services/conversation_export.py.

• In _load_full_session_data, right after entering the try block (before getting chats_directory and before building filename_template), add a small validation snippet:

  if not re.fullmatch(r"[A-Za-z0-9_-]+", session_id):
      logger.warning("Rejected session_id with invalid characters: %r", session_id)
      return None

This ensures filename_template stays a simple filename, eliminating any chance to smuggle directory separators or similar, and should satisfy CodeQL since the path now depends on a strictly validated ID.

---