#368 MEDIUM: Silent encryption failure (fail-open security)
Description
## Issue
In engine/db.py:131-147, encryption configuration failures are silently swallowed:
```python
except Exception:
    logger.exception('Failed to configure connection encryption: ')
    # Don't raise - let connection be used even if encryption fails
    # This ensures availability over security (fail-open)
```
## Impact
- Sensitive data may be stored unencrypted
- Operators won't know encryption is failing
- Compliance/audit issues
## Location
engine/db.py:131-147
## Fix
At minimum emit a metric/alert. Consider fail-closed for compliance requirements.
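
One way to apply both suggestions, as an added example that is not the project's code: count every failure in a metric, refuse the connection by default, and make fail-open an explicit, visible choice. `open_connection`, `METRICS`, `EncryptionConfigError`, `FakeConn`, `broken_setup` and the `fail_closed` flag are hypothetical names; the real logic in engine/db.py is not shown on this page.

```python
import logging
from collections import Counter

logger = logging.getLogger("engine.db")
METRICS = Counter()  # assumption: stand-in for the real metrics/alerting client


class EncryptionConfigError(RuntimeError):
    """Raised when encryption setup fails and the policy is fail-closed."""


class FakeConn:  # constructed stand-in for a database connection
    def __init__(self):
        self.encrypted = None
        self.closed = False

    def close(self):
        self.closed = True


def broken_setup(conn):  # constructed failure used to exercise the error path
    raise ValueError("constructed failure: key material unavailable")


def open_connection(connect, configure_encryption, *, fail_closed=True):
    """Return a connection; never hand out an unencrypted one silently."""
    conn = connect()
    try:
        configure_encryption(conn)
    except Exception as exc:
        # Always surface the failure: operators can alert on this counter.
        METRICS["db_encryption_config_failures_total"] += 1
        logger.exception("Failed to configure connection encryption")
        if fail_closed:
            conn.close()  # do not leak a half-configured connection
            raise EncryptionConfigError("refusing unencrypted connection") from exc
        # Explicit fail-open: tag the connection so callers and audits see it.
        conn.encrypted = False
        logger.critical("Connection in use WITHOUT encryption (fail-open policy)")
        return conn
    conn.encrypted = True
    return conn


if __name__ == "__main__":
    c = open_connection(FakeConn, broken_setup, fail_closed=False)
    print("fail-open connection encrypted:", c.encrypted, dict(METRICS))
```
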