deepstream is vulnerable to prototype pollution

An authenticated user with write permission to any record can send a crafted record write message containing a JSON path that includes `__proto__`, `constructor.prototype`, or similar prototype-chain tokens [patch_id=6590930]. The `tokenize` function in `json-path.ts` previously did not reject these keys, so `setValue` would traverse and pollute `Object.prototype`. This prototype pollution can then be leveraged for privilege escalation across the deepstream server.

The vulnerability resides in `src/utils/json-path.ts` where the `tokenize` function lacked checks for `__proto__`, `constructor`, and `prototype` keys, and in `src/handlers/record/record-transition.ts` and `src/services/permission/valve/rule-application.ts` which called `setValue` without validating the path. The patch adds a `FORBIDDEN_KEYS` set and an `isValidPath` guard, and wraps `setValue` calls in try-catch blocks.

The patch introduces a `FORBIDDEN_KEYS` set containing `__proto__`, `constructor`, and `prototype` in `json-path.ts`. The `tokenize` function now throws an error when any of these keys appear as a path segment, and a new `isValidPath` function exposes this check. In `record-transition.ts`, incoming messages are validated with `isValidPath` before processing, and in `rule-application.ts`, the `setValue` call is wrapped in a try-catch to safely handle the thrown error. Together these changes prevent any path that could traverse the prototype chain from being used to set values.