Use SafeJoin in V2 Tools Install endpoint #840

Merged
merged 4 commits into from
Oct 2, 2023

@umbynos commented Sep 29, 2023

Please check if the PR fulfills these requirements

  • The PR has no duplicates (please search among the Pull Requests
    before creating one)
  • Tests for the changes have been added (for bug fixes / features)
  • What kind of change does this PR introduce?

Security Fix

  • What is the current behavior?

The v2 install endpoint is vulnerable to a path traversal vulnerability

  • What is the new behavior?

That is fixed (leveraging the SafeJoin function introduced in #821)

  • Does this PR introduce a breaking change?

No

  • Other information:

@umbynos added the labels "type: enhancement", "topic: code" and "topic: security" Sep 29, 2023
@umbynos self-assigned this Sep 29, 2023
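
The kind of check the PR description refers to, as an added example that is not the project's SafeJoin or code from this PR: request-supplied components are joined under a tools directory and any result that resolves outside it is rejected. The names `safeJoin`, `installDir`, `ErrTraversal`, the request fields and the sample paths are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrTraversal reports that a joined path would leave the base directory.
var ErrTraversal = errors.New("path escapes base directory")

// safeJoin is a hypothetical helper (not the project's SafeJoin): it joins
// elems under base and rejects any result that resolves outside base.
// It is a lexical check only; symlinks inside base are not resolved.
func safeJoin(base string, elems ...string) (string, error) {
	absBase, err := filepath.Abs(base)
	if err != nil {
		return "", err
	}
	// Join cleans the path, so "a/../../x" collapses before the check.
	joined := filepath.Join(append([]string{absBase}, elems...)...)
	rel, err := filepath.Rel(absBase, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q", ErrTraversal, filepath.Join(elems...))
	}
	return joined, nil
}

// installDir maps request fields to a directory under toolsRoot.
// The field names (packager, name, version) are assumptions for this example.
func installDir(toolsRoot, packager, name, version string) (string, error) {
	return safeJoin(toolsRoot, packager, name, version)
}

func main() {
	// Constructed sample requests: one well-formed, one with a traversing name.
	for _, name := range []string{"flasher", "../../../outside"} {
		dir, err := installDir("/opt/example-tools", "acme", name, "1.0.0")
		fmt.Printf("name=%q dir=%q err=%v\n", name, dir, err)
	}
}
```
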
@codecov-commenter

Codecov Report

Attention: 7 lines in your changes are missing coverage. Please review.

Comparison is base (33080c3) 18.20% compared to head (cdac540) 18.37%.
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #840      +/-   ##
==========================================
+ Coverage   18.20%   18.37%   +0.16%     
==========================================
  Files          53       53              
  Lines        4109     4120      +11     
==========================================
+ Hits          748      757       +9     
- Misses       3256     3257       +1     
- Partials      105      106       +1     
Flag Coverage Δ
unit 18.37% <63.15%> (+0.16%) ⬆️

Flags with carried forward coverage won't be shown.

Files Coverage Δ
v2/pkgs/tools.go 68.82% <63.15%> (+0.89%) ⬆️


@umbynos merged commit 11acfc0 into main Oct 2, 2023
56 checks passed
@umbynos deleted the safe-join-install branch October 2, 2023 12:51