fix: cleanup codebase and sync SPEC with actual permissions

Phase 1: Ruff lint fixes
- Remove unused imports across all files
- Remove unused variables (now_utc, tz, ctx)
- Fix f-string without placeholders
- Fix E402 import order with noqa comments

Phase 2: Remove confusing hard delete from storage
- Removed delete_bounty() from RoomStorage Protocol (never used by app)
- Removed delete_bounty() from JsonFileRoomStorage (was hard delete)
- Removed corresponding tests (hard delete was never used)

Phase 3: Sync SPEC.md with actual code behavior
- Updated overview: admins can add/edit/delete (not 'anyone' + 'creator')
- Updated command table: /add, /edit, /delete are admin only
- Updated error handling messages

Test results: 96 passed (2 hard delete tests removed)

tests/test_json_file.py

@@ -1,11 +1,9 @@
 """Tests for adapters/storage/json_file.py — JSON file storage adapter."""
 
 import json
-import os
 import tempfile
 from pathlib import Path
 
-import pytest
 
 from adapters.storage.json_file import JsonFileRoomStorage, JsonFileTrackingStorage
 from core.models import Bounty, RoomData, TrackingData, TrackedBounty
@@ -99,15 +97,6 @@ class TestJsonFileRoomStorage:
 
         assert self.storage.load(-1001) is None
 
-    def test_delete_bounty(self):
-        """Test that delete_bounty removes a bounty."""
-        bounty = self._create_bounty(id=1)
-        self.storage.add_bounty(-1001, bounty)
-        self.storage.delete_bounty(-1001, 1)
-
-        loaded = self.storage.load(-1001)
-        assert len(loaded.bounties) == 0
-
     def test_get_bounty_found(self):
         """Test that get_bounty returns the bounty when found."""
         bounty = self._create_bounty(id=1)