🛡️ Sentinel: [HIGH] Implement strict email validation

- Implemented `isValidEmail` utility with strict regex validation (rejects `<` and `>`) to prevent XSS vectors.
- Updated `Contact.tsx` to use `isValidEmail` instead of weak regex.
- Added comprehensive tests for `isValidEmail` in `src/utils/security.test.ts`.
- Fixed flaky test in `src/pages/__tests__/Contact.test.tsx` by clearing `localStorage` in `afterEach`.
- Added test case for invalid email submission.
- Documented findings in `.jules/sentinel.md`.

Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com>

src/utils/security.ts

@@ -16,3 +16,21 @@ export function sanitizeInput(input: string): string {
     .replace(/"/g, """)
     .replace(/'/g, "'");
 }
+
+/**
+ * Validates an email address format securely.
+ * Rejects inputs containing dangerous characters like <, >, or whitespace.
+ *
+ * @param email - The email string to validate.
+ * @returns True if the email is valid and safe, false otherwise.
+ */
+export function isValidEmail(email: string): boolean {
+  // Basic format check + rejection of XSS vectors (<, >)
+  // [^\s@<>]+ : Local part - no whitespace, @, <, or >
+  // @         : Literal @
+  // [^\s@<>]+ : Domain part - no whitespace, @, <, or >
+  // \.        : Literal .
+  // [^\s@<>]+ : TLD part - no whitespace, @, <, or >
+  const emailRegex = /^[^\s@<>]+@[^\s@<>]+\.[^\s@<>]+$/;
+  return emailRegex.test(email);
+}