fix: correct tojson|safe usage in templates and update validator

- Remove |safe from |tojson in HTML attributes (x-data) - quotes must
  become " for browsers to parse correctly
- Update LANG-002 and LANG-003 architecture rules to document correct
  |tojson usage patterns:
  - HTML attributes: |tojson (no |safe)
  - Script blocks: |tojson|safe
- Fix validator to warn when |tojson|safe is used in x-data (breaks
  HTML attribute parsing)
- Improve code quality across services, APIs, and tests

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

tests/unit/services/test_admin_service.py

@@ -122,7 +122,9 @@ class TestAdminService:
         from models.database.vendor import Vendor
 
         # Re-query vendor to get fresh instance
-        vendor_to_unverify = db.query(Vendor).filter(Vendor.id == test_vendor.id).first()
+        vendor_to_unverify = (
+            db.query(Vendor).filter(Vendor.id == test_vendor.id).first()
+        )
         vendor_to_unverify.is_verified = False
         db.commit()
 
@@ -186,7 +188,10 @@ class TestAdminService:
             None,
         )
         assert test_job is not None
-        assert test_job.marketplace.lower() == test_marketplace_import_job.marketplace.lower()
+        assert (
+            test_job.marketplace.lower()
+            == test_marketplace_import_job.marketplace.lower()
+        )
         assert test_job.status == test_marketplace_import_job.status
 
     def test_get_marketplace_import_jobs_with_marketplace_filter(