feat(core): centralize UI message redaction in persistence layer

[roomote]

Centralize redaction in persistence layer; sanitize on write, sanitize on read as safety net; add unit tests.

---

Important

Centralizes UI message redaction in the persistence layer by sanitizing sensitive data on write and read, with tests verifying the functionality.

• Behavior:
  • saveTaskMessages() in taskMessages.ts sanitizes sensitive data before writing to disk.
  • readTaskMessages() sanitizes legacy data on read as a safety net.
• Functions:
  • Adds sanitizeMessageText() and sanitizeMessages() to handle redaction of sensitive tags.
  • Updates saveTaskMessages() and readTaskMessages() to use sanitization functions.
• Tests:
  • New tests in taskMessages.sanitize.spec.ts verify sanitization on write and read, idempotency, and handling of non-string data.

^{This description was created by for cc77aab. You can customize this summary. It will automatically update as commits are pushed.}

[roomote]

Code Review Complete ✅

I've completed a thorough review of this pull request and found no issues that require changes.

Summary

This PR successfully centralizes UI message redaction in the persistence layer with:

• Clean separation of concerns by handling sanitization at the persistence boundary
• Comprehensive test coverage for various sanitization scenarios
• Proper use of safeWriteJson as required by project rules
• Type-safe implementation with proper type guards
• Defense-in-depth approach with both write-time and read-time sanitization

The implementation is well-designed and ready for merge.