kangalio/rustbot

All output should be sanitized to avoid discord injection attacks

Bale001 opened this issue · 1 comments

Echoing back user input directly can cause what's known as Discord injection. This can be exploited to ping roles on a Discord server. For example, earlier today I was testing this out in the official Rust Discord and I was able to ping everyone. Here is an example of this:

?eval mode=@Rustacean\`
\```
println!("")
\```

Which causes the bot to respond by pinging the Rustacean role. To fix this, make sure all output is sanitized by escaping the ` character, and also make sure to escape the \ character as well.

The bot uses Discord's allowed_mentions API to disable role and everyone pings. They'll still render, but not actually ping.
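As an added example that is not rustbot's own code, the following Rust sketch combines the two mitigations discussed in this thread: the backslash and backtick escaping the reporter suggests for any user input the bot echoes back, and the `allowed_mentions` setting from the maintainer's reply, which is what stops a mention from notifying anyone even when it renders. The request body is assembled by hand so the file has no crate dependencies (a real bot would go through its Discord library), the hostile input is constructed from the report, and whether Discord honours a backslash escape inside a code block is the reporter's assumption rather than something this thread verifies; the empty `parse` list is the part that does not depend on it.

```rust
use std::fmt::Write as _;

/// Escape user-controlled text before echoing it back, as the issue
/// suggests: backslash first (so a user-supplied `\` cannot cancel the
/// escape we add), then the backtick that would otherwise close the
/// code span or code block the bot wraps its output in.
pub fn escape_markdown_code(input: &str) -> String {
    let mut out = String::with_capacity(input.len() + 8);
    for c in input.chars() {
        match c {
            '\\' => out.push_str("\\\\"),
            '`' => out.push_str("\\`"),
            other => out.push(other),
        }
    }
    out
}

/// Self-check on the escaper: true if `text` still contains a backtick
/// that is not preceded by an odd run of backslashes, i.e. one that
/// markdown would treat as a live code delimiter.
pub fn has_unescaped_backtick(text: &str) -> bool {
    let mut backslashes = 0usize;
    for c in text.chars() {
        match c {
            '\\' => backslashes += 1,
            '`' => {
                if backslashes % 2 == 0 {
                    return true;
                }
                backslashes = 0;
            }
            _ => backslashes = 0,
        }
    }
    false
}

/// Minimal JSON string escaping for the message payload (hand-written
/// here only so the example runs without a JSON crate).
fn json_string(s: &str) -> String {
    let mut out = String::from("\"");
    for c in s.chars() {
        match c {
            '"' => out.push_str("\\\""),
            '\\' => out.push_str("\\\\"),
            '\n' => out.push_str("\\n"),
            '\r' => out.push_str("\\r"),
            '\t' => out.push_str("\\t"),
            c if (c as u32) < 0x20 => {
                let _ = write!(out, "\\u{:04x}", c as u32);
            }
            c => out.push(c),
        }
    }
    out.push('"');
    out
}

/// Build the body of a "create message" request that echoes `user_input`
/// inside a code block. The `allowed_mentions` object with an empty
/// `parse` list is the Discord API setting the maintainer's reply refers
/// to: @everyone, @here and role mentions in `content` still render but
/// do not notify anyone, whatever the escaping above achieves.
pub fn build_message_payload(user_input: &str) -> String {
    let content = format!("```\n{}\n```", escape_markdown_code(user_input));
    format!(
        "{{\"content\":{},\"allowed_mentions\":{{\"parse\":[]}}}}",
        json_string(&content)
    )
}

fn main() {
    // Constructed input modelled on the report: a backtick after the role
    // name tries to close the bot's code block so the mention renders live.
    let hostile = "@Rustacean`\n```\nprintln!(\"\")\n```";
    let escaped = escape_markdown_code(hostile);
    println!("unescaped backtick left: {}", has_unescaped_backtick(&escaped));
    println!("{}", build_message_payload(hostile));
}
```

Two layers are kept deliberately: the escaper only narrows what a user can do to the bot's formatting, while `allowed_mentions` removes the impact of a mention that slips through, so a future formatting change in the bot cannot reintroduce the ping.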