Quote syslog tags to prevent shell injection in journalctl hint

Use shlex.quote() on generated tags in format_journalctl_hint to
prevent potential shell injection if instance identifiers contain
shell metacharacters.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: delano

src/ots_containers/commands/instance/_helpers.py

@@ -36,7 +36,7 @@ def format_journalctl_hint(instances: dict[InstanceType, list[str]]) -> str:
     if not tags:
         return ""
 
-    tag_args = " ".join(f"-t {tag}" for tag in tags)
+    tag_args = " ".join(f"-t {shlex.quote(tag)}" for tag in tags)
     return f"journalctl {tag_args} -f"