Credential server

As implemented, ai-delegate is insecure because the service worker separation is not enough to stop an attacker from stealing the user's API key(s). In the absence of a browser extension it is better to offload the final request to a server.