🔒 Fix security vulnerability: replace unsafe innerHTML with replaceChildren()

This change replaces all occurrences of `innerHTML = ""` and manual child
clearing loops in `options/options.js` with the modern and safer
`replaceChildren()` API. This improves the security posture of the
extension by avoiding unsafe DOM manipulation patterns and provides a
more efficient way to clear elements.

Specifically:
- Replaced `list.innerHTML = ""` and its following `while` loop.
- Replaced multiple `while (el.firstChild)` loops.
- Replaced `variablesAutocomplete.innerHTML = ""` in the autocomplete logic.
- Replaced `groupsList.innerHTML = ""` in group rendering.

Co-authored-by: cmuench <211294+cmuench@users.noreply.github.com>

Author: google-labs-jules[bot]