How can I properly sanitize the update_option in WordPress?

You can use sanitize the data with sanitize functions in reference below.

https://developer.wordpress.org/plugins/security/securing-input/