feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.

src/Notify/__Libraries/StellaOps.Notify.Models/NotifyEventKinds.cs

@@ -15,4 +15,8 @@ public static class NotifyEventKinds
     public const string AirgapTimeDrift = "airgap.time.drift";
     public const string AirgapBundleImport = "airgap.bundle.import";
     public const string AirgapPortableExportCompleted = "airgap.portable.export.completed";
+
+    // Sprint: SPRINT_4300_0002_0001 (BUDGET-018)
+    public const string PolicyBudgetExceeded = "policy.budget.exceeded";
+    public const string PolicyBudgetWarning = "policy.budget.warning";
 }