fix(core): prevent silent error swallowing in unique item checks

[envsecure]

Description

This PR fixes a bug in the access control logic where actual database errors (like timeouts, connection drops, or Prisma internal errors) were being silently swallowed during relationship resolution.

Previously, checkUniqueItemExists used an empty catch (err) {} block. This caused any error from context.db[...].findOne() to be masked as a generic "Access denied: it may not exist" error. This made infrastructure-level failures extremely difficult to debug, as developers would waste time checking their access control rules instead of their database connection.

Changes

• Updated checkUniqueItemExists in packages/core/src/lib/core/access-control.ts to only swallow KS_ACCESS_DENIED errors.
• Any other error (unexpected exceptions) is now correctly rethrown.
• Added a changeset to document the fix.

Impact

• Better Debugging: Developers will now see real database/connection errors in their logs instead of misleading "Access denied" messages.
• Predictability: System-level failures are no longer conflated with security-level denials.