Separate hidden CSV columns from client-readable row data #6

@MoerAI

Summary

Columns marked as hidden are still stored in readData and exported later. With the current Firestore read rules, hidden columns are not protected from workers, reviewers, or other authenticated users.

Evidence

  • src/app/(main)/admin/tasks/create/page.tsx:149-157 includes hidden columns in readData so they can be exported later.
  • src/app/(main)/admin/tasks/[taskId]/page.tsx:53-70 exports all task columns, including hidden columns.
  • firestore.rules:83 currently allows authenticated users to read all rows.

Impact

"Hidden" only means hidden from the UI. If hidden columns contain answer keys, participant IDs, source metadata, internal labels, or sensitive experiment fields, they are still present in client-readable Firestore row documents.

Minimal Fix

  • Decide whether hidden columns are UI-hidden only or truly restricted.
  • If truly restricted, do not store hidden/export-only data in row documents readable by workers/reviewers.
  • Split data into role-specific fields/collections, for example workerVisibleData, reviewerVisibleData, and adminExportData.
  • Restrict admin-only export data through Firestore rules or a trusted server-side export path.

Acceptance Criteria

  • Workers cannot read hidden/export-only values from Firestore.
  • Reviewers cannot read hidden/export-only values unless explicitly intended.
  • Admin export still includes hidden columns through an authorized path.
  • Documentation/UI copy distinguishes "hidden from UI" from "access-restricted" if both modes exist.
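One way to do the split proposed under Minimal Fix, as an added example that is not code from this repository. The `ColumnDef` shape, the `visibility` values and the sample row are assumptions; only the three field names come from the issue. Columns missing from the config fail closed into `adminExportData`.

```typescript
// Added example. ColumnDef and the sample data are hypothetical, not the project's schema.
type Visibility = "worker" | "reviewer" | "admin";
interface ColumnDef { name: string; visibility: Visibility }
type Row = Record<string, string>;
interface SplitRow {
  workerVisibleData: Row;   // the only part stored in the client-readable row document
  reviewerVisibleData: Row; // extra fields a reviewer is explicitly meant to see
  adminExportData: Row;     // stored where only admins or a server-side export can read
}

// Partition one imported CSV row by column visibility.
// A column with no config entry is treated as admin-only (fail closed).
function splitRow(columns: ColumnDef[], row: Row): SplitRow {
  const vis = new Map<string, Visibility>();
  for (const c of columns) vis.set(c.name, c.visibility);
  const out: SplitRow = { workerVisibleData: {}, reviewerVisibleData: {}, adminExportData: {} };
  for (const key of Object.keys(row)) {
    const v = vis.get(key) || "admin";
    if (v === "worker") out.workerVisibleData[key] = row[key];
    else if (v === "reviewer") out.reviewerVisibleData[key] = row[key];
    else out.adminExportData[key] = row[key];
  }
  return out;
}

// Regression check for the acceptance criteria: returns every key in a
// worker-readable document that is not a worker-visible column.
function restrictedKeysIn(columns: ColumnDef[], clientDoc: Row): string[] {
  const allowed = new Set(columns.filter(c => c.visibility === "worker").map(c => c.name));
  return Object.keys(clientDoc).filter(k => !allowed.has(k)).sort();
}

// Authorized export path: rebuild the full row from all three parts.
function adminExportRow(s: SplitRow): Row {
  return { ...s.workerVisibleData, ...s.reviewerVisibleData, ...s.adminExportData };
}

// Constructed sample input.
const sampleColumns: ColumnDef[] = [
  { name: "prompt", visibility: "worker" },
  { name: "reviewer_note", visibility: "reviewer" },
  { name: "answer_key", visibility: "admin" },
  { name: "participant_id", visibility: "admin" },
];
const sampleRow: Row = {
  prompt: "Which option is correct?", reviewer_note: "check tone",
  answer_key: "B", participant_id: "P-0042", unlisted_col: "x",
};
```

Running `restrictedKeysIn` against the current single-field row shape lists the hidden columns a worker can read today; against `workerVisibleData` it returns an empty list.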

Labels

  • data-integrity: Data integrity and import/export issue
  • priority: high: High priority remediation
  • security: Security/privacy issue
