fix: correct tojson|safe usage in templates and update validator

- Remove |safe from |tojson in HTML attributes (x-data) - quotes must
  become " for browsers to parse correctly
- Update LANG-002 and LANG-003 architecture rules to document correct
  |tojson usage patterns:
  - HTML attributes: |tojson (no |safe)
  - Script blocks: |tojson|safe
- Fix validator to warn when |tojson|safe is used in x-data (breaks
  HTML attribute parsing)
- Improve code quality across services, APIs, and tests

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

scripts/init_log_settings.py

@@ -84,13 +84,17 @@ def init_log_settings():
             )
 
             if existing:
-                print(f"✓ Setting '{setting_data['key']}' already exists (value: {existing.value})")
+                print(
+                    f"✓ Setting '{setting_data['key']}' already exists (value: {existing.value})"
+                )
                 updated_count += 1
             else:
                 setting = AdminSetting(**setting_data)
                 db.add(setting)
                 created_count += 1
-                print(f"✓ Created setting '{setting_data['key']}' = {setting_data['value']}")
+                print(
+                    f"✓ Created setting '{setting_data['key']}' = {setting_data['value']}"
+                )
 
         db.commit()