fix: address 5 critical and major PR review issues

- Remove set -e from validate-marketplace.sh to prevent early exit on
  check failures, allowing the summary to always be displayed (PRRT_kwDOO6Hdxs5uvKrc)
- Fix marketplace.json source path to point to skills/unraid instead of
  ./ for correct plugin directory resolution (PRRT_kwDOO6Hdxs5uvKrg)
- Fix misleading trap registration comment in unraid-api-crawl.md and
  add auth note to Apollo Studio URL (PRRT_kwDOO6Hdxs5uvO2t)
- Extract duplicated cleanup-with-error-handling in main.py into
  _run_shutdown_cleanup() helper (PRRT_kwDOO6Hdxs5uvO3A)
- Add input validation to read-logs.sh to prevent GraphQL injection
  via LOG_NAME and LINES parameters (PRRT_kwDOO6Hdxs5uvKrj)
Jacob Magar
2026-02-15 23:03:01 -05:00
parent a0721e38dd
commit 91244b66ff
11 changed files with 90 additions and 47 deletions


@@ -8,6 +8,16 @@ QUERY_SCRIPT="$SCRIPT_DIR/../scripts/unraid-query.sh"
LOG_NAME="${1:-syslog}"
LINES="${2:-20}"
# Validate inputs to prevent GraphQL injection
if ! [[ "$LOG_NAME" =~ ^[a-zA-Z0-9_./-]+$ ]]; then
echo "Error: Invalid log name. Only alphanumeric characters, dots, slashes, hyphens, and underscores are allowed." >&2
exit 1
fi
if ! [[ "$LINES" =~ ^[0-9]+$ ]]; then
echo "Error: Lines must be a positive integer." >&2
exit 1
fi
echo "=== Reading $LOG_NAME (last $LINES lines) ==="
echo ""
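Review bot: The LOG_NAME check `[[ "$LOG_NAME" =~ ^[a-zA-Z0-9_./-]+$ ]]` blocks GraphQL metacharacters but still accepts `..` segments, because both `.` and `/` are in the allowed class, so a parent-directory path passes validation. How the server resolves the name is outside this hunk, so this may be harmless there, but a second guard such as `if [[ "$LOG_NAME" == *..* ]]; then echo "Error: Invalid log name." >&2; exit 1; fi` would stop the script from relying on that. Separately, `^[0-9]+$` accepts `0` and arbitrarily long digit strings although the message says "positive integer"; `^[1-9][0-9]{0,5}$` would match the message and bound the requested line count. The query construction that consumes both values is below the hunk and not visible here.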