refactor: consolidate error handling and improve security

Major refactoring to reduce code duplication and address security concerns:

* feat(__api_request): consolidate retry logic into _request_with_retry
  - Extract HTTP operations into inner functions (_do_get, _do_post, etc.)
  - Centralize error handling for all HTTP methods
  - Reduces code duplication by ~55 lines

* security(__api_session): remove SSL verification bypass in Vault client
  - Remove verify=False from hvac.Client initialization
  - Make vault attributes private (_vault_url, _vault_path, etc.)
  - Improve vault credentials cleanup in finally block

* feat(__api_session): improve session management
  - Add _new_session() helper for consistent session initialization
  - Add validate parameter to set_api_token() for optional token validation
  - Fix delete_api_token() to return APIResponse instead of Response
  - Use mist_delete() method instead of raw session.delete()

* perf(__init__): implement lazy loading for heavy subpackages
  - Defer api and cli imports until accessed
  - Improves initial import performance

* fix(__logger): correct logging sanitization
  - Use getMessage() instead of direct msg access
  - Clear record.args after sanitization to prevent re-formatting

This refactoring improves maintainability, security, and performance without
changing the public API surface.

Author: tmunzer-AIDE