Potential fix for code scanning alert no. 10: Information exposure through an exception#6

Merged
ArshVermaGit merged 1 commit into main from alert-autofix-10
Apr 24, 2026
Conversation

@ArshVermaGit
Owner

Potential fix for https://github.com/ArshVermaGit/SentinelOps-Autonomous-DevOps-AI/security/code-scanning/10

The safe fix is to stop returning raw exception content from handle_devops_query and instead:

  1. Log the exception internally (with stack trace) for developers/operators.
  2. Return a generic user-safe message.

The best minimal change (without altering the endpoint's behavior shape) is in sentinelops-backend/app/services/ai_chat_service.py:

  • Add a module logger (import logging and logger = logging.getLogger(__name__)).
  • In the except Exception as e block, replace the direct exception string return with logger.exception(...) and a generic constant message like "Sorry, I couldn't process your request right now. Please try again shortly.".

No functional API contract change is needed in dashboard.py because it already returns {"response": response} and can continue doing so with the sanitized message.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…rough an exception

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
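As an added example (not code from the SentinelOps repository or from this PR), the 'before' and 'after' shapes the description contrasts, side by side, with a capturing log handler to show that the traceback still reaches operators while the API caller only sees the constant message. `_call_model`, `handle_devops_query_unsafe`, `_ListHandler` and `operator_log_for` are hypothetical names, and the host and key values in the failing call are constructed.

```python
import logging

logger = logging.getLogger(__name__)

# Generic, user-safe message quoted in the PR description.
GENERIC_ERROR_MESSAGE = "Sorry, I couldn't process your request right now. Please try again shortly."

def _call_model(query: str) -> str:
    """Hypothetical stand-in for the AI backend call; fails with internal detail in the message."""
    if query == "boom":
        raise RuntimeError("upstream failed: host=llm.internal.example key=sk-CONSTRUCTED")
    return f"Echo: {query}"

def handle_devops_query_unsafe(query: str) -> str:
    """The 'before' shape the alert flags: raw exception text reaches the API caller."""
    try:
        return _call_model(query)
    except Exception as e:
        return str(e)  # leaks hostnames/credentials embedded in the error

def handle_devops_query(query: str) -> str:
    """The hardened shape from the PR: log with traceback, return a constant message."""
    try:
        return _call_model(query)
    except Exception:
        # logger.exception() logs at ERROR and attaches the current traceback.
        logger.exception("handle_devops_query failed (query length %d)", len(query))
        return GENERIC_ERROR_MESSAGE

class _ListHandler(logging.Handler):
    """Captures formatted records so the example can show what operators still see."""
    def __init__(self) -> None:
        super().__init__()
        self.lines: list[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.lines.append(self.format(record))

def operator_log_for(query: str) -> str:
    """Runs the hardened handler with a capturing log handler attached; returns the log text."""
    handler = _ListHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    try:
        handle_devops_query(query)
    finally:
        logger.removeHandler(handler)
    return "\n".join(handler.lines)
```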
Owner Author

@ArshVermaGit ArshVermaGit left a comment

This is a sensible and well-contained fix that tightens up error handling without changing how the API behaves externally. Returning raw exception messages is always a bit risky, so switching to logger.exception(...) while sending back a generic, user-safe message is the right move. I like that this keeps the full stack trace available for debugging while avoiding accidental leakage of internal details. Keeping the response shape unchanged in dashboard.py is also a nice touch—it makes this a low-risk improvement that won’t ripple into other parts of the system. Overall, it’s a clean, practical hardening step that improves security without adding noise or complexity.

@ArshVermaGit ArshVermaGit marked this pull request as ready for review April 24, 2026 06:57
@ArshVermaGit ArshVermaGit merged commit c0264a7 into main Apr 24, 2026
5 of 6 checks passed