Fix Phase 6 review issues: webhook auth, memory bounds, SSTI

Fixes 7 issues identified by code-reviewer agent:

1. (Critical) Webhook endpoint now validates X-Telegram-Bot-Api-
   Secret-Token header against configured secret, and verifies
   bot_token matches a stored NotificationTarget
2. (Critical) register/unregister webhook endpoints now require
   JWT auth via Depends(get_current_user); register passes
   secret_token to Telegram setWebhook
3. (Critical) Conversation dict now uses OrderedDict with LRU
   eviction (max 100 chats); trim happens BEFORE API call
4. (Important) Tool-use responses no longer stored in conversation
   history (avoids corrupted multi-turn state)
5. (Important) Singleton AsyncAnthropic client (module-level,
   lazily initialized once) - no more connection pool leaks
6. (Important) Markdown retry now uses payload.pop("parse_mode")
   instead of setting empty string
7. (Important) All user-controlled data wrapped in <data> tags
   with _sanitize() helper (truncation + newline stripping)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

packages/server/src/immich_watcher_server/config.py

@@ -26,6 +26,9 @@ class Settings(BaseSettings):
     ai_model: str = "claude-sonnet-4-20250514"
     ai_max_tokens: int = 1024
 
+    # Telegram webhook secret (used to validate incoming webhook requests)
+    telegram_webhook_secret: str = ""
+
     model_config = {"env_prefix": "IMMICH_WATCHER_"}
 
     @property