docs consolidation and others

docs/modules/risk-engine/samples/profiles/README.md

@@ -0,0 +1,3 @@
+Use the root `INGEST_CHECKLIST.md`.
+Place profile JSON/DSSE here, normalize with `jq -S .`, update `SHA256SUMS`, and verify with `sha256sum -c`.
+UTC timestamps only; no live data.

docs/modules/risk-engine/samples/profiles/SHA256SUMS

@@ -0,0 +1,2 @@
+fe460af2699ce335199f6e26597bab4530c6f3f476d4b1f93526175597565d10  README.md
+c8242d4051232152d024dd37324b346dcf019a5e46b7b82fae8349ad802affab  default-profile.json

docs/modules/risk-engine/samples/profiles/default-profile.json

@@ -0,0 +1,18 @@
+{
+  "id": "default-profile",
+  "version": "1.0.0",
+  "description": "Default risk profile for vulnerability prioritization",
+  "extends": "base-profile",
+  "signals": [
+    { "name": "cvss", "source": "nvd", "type": "numeric", "path": "/cvss/base_score", "transform": "normalize_10", "unit": "score" },
+    { "name": "kev", "source": "cisa", "type": "boolean", "path": "/kev/in_catalog" },
+    { "name": "reachability", "source": "scanner", "type": "numeric", "path": "/reachability/score", "unit": "score" }
+  ],
+  "weights": { "cvss": 0.4, "kev": 0.3, "reachability": 0.3 },
+  "overrides": {
+    "severity": [ { "when": { "kev": true }, "set": "critical" } ],
+    "decisions": [ { "when": { "kev": true, "reachability": { "$gt": 0.8 } }, "action": "deny", "reason": "KEV with high reachability" } ]
+  },
+  "metadata": { "author": "docs-guild", "created_at": "2025-12-05T00:00:00Z" },
+  "provenance": { "hash": "sha256:placeholder", "signed": false }
+}