fix: 修复CodeReview发现的安全问题和代码质量问题 | fix security and code quality issues identified by CodeReview

- 修复JSON注入漏洞：使用json.Marshal()安全转义字符串内容
- 定义常量CHARS_PER_TOKEN替换硬编码的token估算数字4
- 处理UnmarshalJSON错误，避免静默失败并记录错误日志
- 定义常量替换硬编码的API端点路径，提高可维护性

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

relay/adaptor/anthropic/main.go

@@ -93,9 +93,15 @@ func ConvertRequest(textRequest model.GeneralOpenAIRequest) *Request {
 		if message.Role == "system" && claudeRequest.System.IsEmpty() {
 			// Create a SystemPrompt from the string content
 			systemPrompt := SystemPrompt{}
-			systemData := []byte(`"` + message.StringContent() + `"`) // Wrap in JSON string quotes
-			_ = systemPrompt.UnmarshalJSON(systemData)
-			claudeRequest.System = systemPrompt
+			systemData, err := json.Marshal(message.StringContent()) // Safely escape string for JSON
+			if err != nil {
+				logger.SysError(fmt.Sprintf("Failed to marshal system prompt: %v", err))
+			} else {
+				if err := systemPrompt.UnmarshalJSON(systemData); err != nil {
+					logger.SysError(fmt.Sprintf("Failed to unmarshal system prompt: %v", err))
+				}
+				claudeRequest.System = systemPrompt
+			}
 			continue
 		}
 		claudeMessage := Message{