Added input sanitization to exec/spawn calls

Description
Added sanitizeCommandLineParameter utility function to remove invalid characters from command line parameter values, and applied it to existing exec/spawn calls.

Motivation and Context
While all the parameter values are either programmatically generated or provided through user configurations, it is a security best practice to sanitize inputs into command line calls. This will provide additional security if dependencies are compromised or an attacker modifies the SFB configuration.
Testing
Tested the following E2E scenarios:
Deploy skill with lambda layer enabled/disabled
Deploy skill with polly enabled/disabled
Run through voice preview of tutorial story in editor

Types of changes
[ ] Bug fix (non-breaking change which fixes an issue)
[x] New feature (non-breaking change which adds functionality)
[x] Breaking change (fix or feature that would cause existing functionality to change)

Checklist
[x] My code follows the code style of this project
[ ] My change requires a change to the documentation
[ ] I have updated the documentation accordingly
[x] I have read the README document
[x] I have added tests to cover my changes
[x] All new and existing tests passed

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.