#10257: fix(security): anchor MIME sanitization regex and block fullwidth bypass (#9791, #9795)

## Summary - Anchor the MIME type sanitization regex with `$` to reject trailing content after a valid type/subtype pair - Add NFKC Unicode normalization before validation to prevent fullwidth character bypasses (e.g., `ａｕｄｉｏ/ｍｐｅｇ`) - Apply the same normalization to `normalizeMimeType()` in `src/media/input-files.ts` Fixes #9791, #9795 ## Test plan - [x] New tests for `sanitizeMimeType()` covering: standard types, fullwidth Unicode, trailing content, invalid values - [x] New tests for `normalizeMimeType()` covering: charset stripping, fullwidth Unicode normalization - [x] All 11 new tests pass - [x] `pnpm check` passes (0 warnings, 0 errors) <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> - Updates MIME sanitization in `src/media-understanding/apply.ts` to NFKC-normalize before validation and anchors the regex to reject trailing content. - Exports `sanitizeMimeType()` and adds targeted Vitest coverage for standard types, whitespace/lowercasing, fullwidth Unicode normalization, and trailing-content rejection. - Updates `normalizeMimeType()` in `src/media/input-files.ts` to also apply NFKC normalization, with tests covering parameter/charset stripping and fullwidth normalization. - Change fits into the media ingestion pipeline by hardening MIME handling before allowing/denying extraction and before embedding MIME values into generated `<file ...>` blocks. <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with minimal risk. - Changes are tightly scoped to MIME normalization/validation, include explicit regression tests for the intended security fixes (trailing-content rejection and fullwidth bypass prevention), and do not alter unrelated control flow in the media pipeline. - No files require special attention <!-- greptile_other_comments_section --> <!-- /greptile_comment -->