fix(api): wrap audit log writes inside their parent transactions

Prevents mutations from committing without an audit trail if the
auditLog.create call fails after the main write already succeeded.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

packages/api/src/__tests__/assistant-tools-admin-crud-test-helpers.ts

@@ -19,7 +19,7 @@ export function createToolContext(
   },
 ): ToolContext {
   const userRole = options?.userRole ?? SystemRole.ADMIN;
-  const mergedDb = {
+  const mergedDb: Record<string, unknown> = {
     ...defaultDbDefaults,
     ...db,
     blueprint: {
@@ -27,6 +27,9 @@ export function createToolContext(
       ...(db.blueprint as Record<string, unknown> | undefined),
     },
   };
+  if (!mergedDb["$transaction"]) {
+    mergedDb["$transaction"] = vi.fn(async (fn: (tx: unknown) => unknown) => fn(mergedDb));
+  }
   return {
     db: mergedDb as ToolContext["db"],
     userId: "user_1",