Use shadow-root to prevent sites access to Logseq search contents

- Currently, seems like any JS run on the browser can access contents displayed by copilot search result, which is a security risk.
- Use `shadow-root` to prevent random scripts access to content.