Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.

server/api/membership/applications.get.js

@@ -64,6 +64,7 @@ export default defineEventHandler(async (event) => {
         } catch (error) {
           // nosemgrep: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring
           // file is from readdir, not user input; error.message is safe
+          // nosemgrep: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring
           console.error(`Fehler beim Laden von ${file}:`, error.message)
         }
       }