* fix: use original title from webhook payload instead of fetched title
- Add extractOriginalTitle() helper to extract title from webhook payload
- Add originalTitle parameter to fetchGitHubData()
- Update tag mode to pass original title from webhook context
- Add tests for extractOriginalTitle and originalTitle parameter
This ensures the title used in prompts is the one that existed when the
trigger event occurred, rather than a potentially modified title fetched
later via GraphQL.
* fix: add title sanitization and explicit TOCTOU test
- Apply sanitizeContent() to titles in formatContext() for defense-in-depth
- Add explicit test documenting TOCTOU prevention for title handling
* Add enhanced text sanitization
* Format code with prettier
* Refactor tests to remove redundancy and improve structure
- Remove redundant 'mixed input patterns' test from sanitizer.test.ts
- Consolidate integration tests into 2 focused real-world scenarios
- Add HTML comment stripping to sanitizeContent function
- Update test expectations to match sanitization behavior
- Maintain full coverage with fewer, more focused tests
* Fix prettier formatting
* Remove rendered.html from repository
* Remove test-markdown.json and update .gitignore
* Revert .gitignore changes
- Add stripHtmlComments function to remove HTML comments from text
- Apply to all GitHub content (bodies, comments, reviews, triggers)
- Add comprehensive tests for comment stripping functionality
