feat: Validate 'name' query param in SecondHTTPFunction to prevent injection attacks #2

@the-damian

Description

As we scale our startup API, unvalidated inputs could crash or expose us—let's secure it! Currently, SecondHTTPFunction grabs name from params without checks, which is fine for greetings but risky for real queries (e.g., long strings or scripts). Add simple validation: Reject if empty, >50 chars, or non-alphanumeric; return a 400 JSON error. This makes our endpoint bulletproof and teaches API best practices.
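
One way to implement the check requested above, as an added example that is not part of the original issue or the project's code. Python, the function names, the error strings and the greeting response shape are assumptions; the three rules (empty, more than 50 characters, non-alphanumeric) and the 400 JSON error come from the issue.

```python
import json
import re
from urllib.parse import parse_qs

MAX_LEN = 50  # limit stated in the issue

# ASCII-only class used with fullmatch(): str.isalnum() would also accept
# non-ASCII letters and digits, and a "^...$" pattern with re.match() would
# let a trailing newline through.
NAME_RE = re.compile(r"[A-Za-z0-9]+")


def validate_name(query_string):
    """Return (name, None) when valid, otherwise (None, reason)."""
    values = parse_qs(query_string, keep_blank_values=True).get("name", [])
    if not values:
        return None, "name is required"
    if len(values) > 1:
        # Repeated parameters are rejected so two layers cannot disagree
        # about which value is "the" name.
        return None, "name must be supplied once"
    name = values[0]
    if name == "":
        return None, "name must not be empty"
    if len(name) > MAX_LEN:
        return None, f"name must be at most {MAX_LEN} characters"
    if NAME_RE.fullmatch(name) is None:
        return None, "name must be alphanumeric"
    return name, None


def handle(query_string):
    """Hypothetical handler: returns (HTTP status, JSON body)."""
    name, error = validate_name(query_string)
    if error is not None:
        return 400, json.dumps({"error": error})
    return 200, json.dumps({"message": f"Hello, {name}!"})


if __name__ == "__main__":
    # Constructed sample query strings.
    for qs in ["name=Alice", "name=", "name=%3Cscript%3E", "name=Alice%0A"]:
        print(repr(qs), handle(qs))
```
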
