fix(transcription): defensively cap @mention fetch with limit=5

Adds &limit=5 to the /api/persons request so the client signals its
intent and stays consistent with the SEARCH_RESULT_LIMIT slice. Backend
enforcement (and the broader PersonSummaryDTO response-shape audit) is
tracked separately. Markus on PR #629.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

frontend/src/lib/shared/discussion/PersonMentionEditor.svelte

@@ -196,7 +196,11 @@ onMount(() => {
 						const runSearch = async (query: string) => {
 							const id = requestId;
 							try {
-								const res = await fetch(`/api/persons?q=${encodeURIComponent(query)}`);
+								// Defensive client-side cap — server-side enforcement is tracked
+								// separately. Markus on PR #629.
+								const res = await fetch(
+									`/api/persons?q=${encodeURIComponent(query)}&limit=${SEARCH_RESULT_LIMIT}`
+								);
 								if (id !== requestId) return;
 								if (!res.ok) {
 									dropdownState.items = [];