[Aikido] Fix 3 critical issues in lodash, form-data#11

Open
aikido-autofix[bot] wants to merge 1 commit into develop from fix/aikido-security-update-packages-23457263-bjsw

Conversation


@aikido-autofix aikido-autofix bot commented Apr 16, 2026

Upgrade lodash and form-data to fix critical RCE vulnerabilities in template compilation and insufficient randomness in form-data boundary generation.

⚠️ Incomplete breaking changes analysis (1/2 analyzed)

⚠️ Breaking changes analysis not available for: form-data

✅ No breaking changes affect this codebase. The search found no usage of _.unset, _.omit, or _.template in the source code. While lodash is listed as a dependency in package-lock.json, it appears to be a transitive dependency (likely from inquirer or other packages) and is not directly imported or used in the application code.

All breaking changes by upgrading lodash from version 4.17.21 to 4.18.1 (CHANGELOG)

| Version | Description |
| --- | --- |
| 4.18.0 | `_.unset` / `_.omit` now block constructor and prototype as non-terminal path keys unconditionally. Calls that previously returned true and deleted the property now return false and leave the target untouched. |
| 4.18.0 | `_.template` now throws "Invalid imports option passed into _.template" when imports keys contain forbidden identifier characters, which were previously allowed. |
✅ 3 CVEs resolved by this upgrade, including 2 critical 🚨 CVEs

This PR will resolve the following CVEs:

| Issue | Severity | Description |
| --- | --- | --- |
| CVE-2026-4800 | 🚨 CRITICAL | [lodash] A vulnerability in `_.template` allows arbitrary code execution through untrusted key names in options.imports or prototype pollution, as validation was incomplete after a prior CVE fix. An attacker can inject malicious code that executes during template compilation. |
| CVE-2025-13465 | MEDIUM | [lodash] A prototype pollution vulnerability in `_.unset` and `_.omit` functions allows attackers to delete methods from global prototypes via crafted paths. While this prevents property overwriting, it can cause denial of service by removing critical functionality. |
| CVE-2025-7783 | 🚨 CRITICAL | [form-data] Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. |
