fix(blueprint): Review fixes — API key lookup, tier enforcement, safety

Fixes 10 issues from Blueprint extension code review:
- CurseForge API key now reads via Blueprint dbGet() matching admin save
- PRO-tier fields (webhook, interval) enforced server-side, not just UI
- json_decode results validated before accessing parsed data
- Null user guard on getStatus() endpoint
- 429 response uses consistent error key format
- Modrinth slug derivation strips special chars, documented as fallback
- Check interval dropdown reflects saved value
- API key input changed to password type
- TypeScript error typing narrowed from any to unknown
- Removed unused DB import from ModpackApiService

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Claude (Chronicler #83 - The Compiler)
2026-04-12 13:53:37 -05:00
parent 3457b87aef
commit b0aa52c2c8
5 changed files with 32 additions and 19 deletions


@@ -32,11 +32,15 @@ namespace Pterodactyl\Services;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\DB;
use Pterodactyl\BlueprintFramework\Libraries\ExtensionLibrary\Admin\BlueprintAdminLibrary as BlueprintExtensionLibrary;
use Exception;
class ModpackApiService
{
public function __construct(
private BlueprintExtensionLibrary $blueprint
) {}
/**
* Fetch the latest version info for a modpack from its platform API.
*
@@ -106,9 +110,7 @@ class ModpackApiService
*/
private function checkCurseForge(string $modpackId): array
{
$apiKey = DB::table('settings')
->where('key', 'modpackchecker::curseforge_api_key')
->value('value');
$apiKey = $this->blueprint->dbGet('modpackchecker', 'curseforge_api_key');
if (empty($apiKey)) {
throw new Exception('CurseForge API key not configured');
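Review bot: The `empty($apiKey)` guard after the new `dbGet()` call in `checkCurseForge` rejects only falsy values, so a non-string result would still be used as the API key; the return type of `dbGet()` is not visible here. A stricter check such as `if (!is_string($apiKey) || trim($apiKey) === '') {` would fail closed on a malformed setting. The new constructor requires a `BlueprintExtensionLibrary`, so any caller that builds the service with `new ModpackApiService()` instead of resolving it from the container would need updating; no call sites are visible in this section. The body of `checkCurseForge` continues outside the hunk, so it is worth confirming there that the key never ends up in log output or exception text.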