Validate apiToken on input and threatfeed fixes

[pvdz]

• make apiToken reject command at input validation, rather than throw a hard error. removed the hard error for it; just let setupSdk() fail over it if it does reach there anyways.
• update the input validation to also check for the json+markdown flag
• change the input validation schema to accept a nook flag rather than hide, to prevent repeated expressions. nook is not-ok, indicating to print the message only when the test fails
• harden the threat-feed logic in case of errors. try to make sure it never infinite-loop-freezes the terminal. make sure the escape keys are bound to the screen before anything else.