
Sanitize method names to prevent path traversal attacks #595

Closed
Copilot wants to merge 2 commits into kdf/auto-issues from copilot/sub-pr-572

Conversation


Copilot AI commented Nov 11, 2025

Addresses a path traversal vulnerability where malicious issue data could inject method names like ../../etc/passwd to write files outside intended directories.

Changes

  • Added sanitizePath() method: Removes path traversal sequences (../, ..\\), slashes, and restricts to alphanumeric + _-: characters
  • Sanitize all path inputs: Applied to convertMethodToPath(), determineApiVersion(), and generateMethodDocumentation() before file path construction
// Before: vulnerable to traversal
convertMethodToPath(method) {
  return method.replace(/::/g, '-');
}

// After: sanitized input
sanitizePath(input) {
  let sanitized = input.replace(/\.\./g, '')
                      .replace(/^[/\\]+/, '')
                      .replace(/[/\\]/g, '')
                      .replace(/[^a-zA-Z0-9_:-]/g, '');
  return sanitized;
}

convertMethodToPath(method) {
  const sanitized = this.sanitizePath(method);
  return sanitized.replace(/::/g, '-');
}

Input ../../etc/passwd now becomes etcpasswd while task::enable_utxo::init correctly becomes task-enable_utxo-init.



Co-authored-by: gcharang <21151592+gcharang@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Update path sanitization in response to review comments" to "Sanitize method names to prevent path traversal attacks" on Nov 11, 2025
Copilot AI requested a review from gcharang November 11, 2025 15:10
@gcharang gcharang closed this Nov 11, 2025