fix: correct tojson|safe usage in templates and update validator

- Remove |safe from |tojson in HTML attributes (x-data) - quotes must
  become " for browsers to parse correctly
- Update LANG-002 and LANG-003 architecture rules to document correct
  |tojson usage patterns:
  - HTML attributes: |tojson (no |safe)
  - Script blocks: |tojson|safe
- Fix validator to warn when |tojson|safe is used in x-data (breaks
  HTML attribute parsing)
- Improve code quality across services, APIs, and tests

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/api/v1/admin/tests.py

@@ -65,7 +65,9 @@ class RunTestsRequest(BaseModel):
     """Request model for running tests"""
 
     test_path: str = Field("tests", description="Path to tests to run")
-    extra_args: list[str] | None = Field(None, description="Additional pytest arguments")
+    extra_args: list[str] | None = Field(
+        None, description="Additional pytest arguments"
+    )
 
 
 class TestDashboardStatsResponse(BaseModel):
@@ -205,6 +207,7 @@ async def get_run(
 
     if not run:
         from app.exceptions.base import ResourceNotFoundException
+
         raise ResourceNotFoundException("TestRun", str(run_id))
 
     return TestRunResponse(
@@ -231,7 +234,9 @@ async def get_run(
 @router.get("/runs/{run_id}/results", response_model=list[TestResultResponse])
 async def get_run_results(
     run_id: int,
-    outcome: str | None = Query(None, description="Filter by outcome (passed, failed, error, skipped)"),
+    outcome: str | None = Query(
+        None, description="Filter by outcome (passed, failed, error, skipped)"
+    ),
     db: Session = Depends(get_db),
     current_user: User = Depends(get_current_admin_api),
 ):