fix: enable RLS policies for workflow_mutations table

Enable Row-Level Security and add policies:
- Allow anonymous (anon) inserts for telemetry data collection
- Allow authenticated reads for data analysis and querying

These policies are required for the telemetry system to function
correctly with Supabase, as the MCP server uses the anon key to
insert mutation data.

Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en

docs/migrations/workflow_mutations_schema.sql

@@ -147,19 +147,19 @@ COMMENT ON COLUMN workflow_mutations.operations IS
 COMMENT ON COLUMN workflow_mutations.validation_improved IS
   'Whether the mutation reduced validation errors (NULL if validation data unavailable)';
 
--- Row-level security (optional - uncomment if using Supabase auth)
+-- Row-level security
--- ALTER TABLE workflow_mutations ENABLE ROW LEVEL SECURITY;
+ALTER TABLE workflow_mutations ENABLE ROW LEVEL SECURITY;
 
 -- Create policy for anonymous inserts (required for telemetry)
--- CREATE POLICY "Allow anonymous inserts"
+CREATE POLICY "Allow anonymous inserts"
---   ON workflow_mutations
+  ON workflow_mutations
---   FOR INSERT
+  FOR INSERT
---   TO anon
+  TO anon
---   WITH CHECK (true);
+  WITH CHECK (true);
 
 -- Create policy for authenticated reads (for analysis)
--- CREATE POLICY "Allow authenticated reads"
+CREATE POLICY "Allow authenticated reads"
---   ON workflow_mutations
+  ON workflow_mutations
---   FOR SELECT
+  FOR SELECT
---   TO authenticated
+  TO authenticated
---   USING (true);
+  USING (true);