Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case

- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images.
- Added symbols.json detailing function entry and sink points in the WordPress code.
- Included runtime traces for function calls in both reachable and unreachable scenarios.
- Developed OpenVEX files indicating vulnerability status and justification for both cases.
- Updated README for evaluator harness to guide integration with scanner output.

deploy/helm/stellaops/values-mirror.yaml

@@ -106,11 +106,18 @@ configMaps:
             proxy_cache off;
         }
 
-        location / {
-            return 404;
-        }
-
-services:
+        location / {
+            return 404;
+        }
+
+
+  policy-engine-activation:
+    data:
+      STELLAOPS_POLICY_ENGINE__ACTIVATION__FORCETWOPERSONAPPROVAL: "true"
+      STELLAOPS_POLICY_ENGINE__ACTIVATION__DEFAULTREQUIRESTWOPERSONAPPROVAL: "true"
+      STELLAOPS_POLICY_ENGINE__ACTIVATION__EMITAUDITLOGS: "true"
+
+services:
   concelier:
     image: registry.stella-ops.org/stellaops/concelier@sha256:dafef3954eb4b837e2c424dd2d23e1e4d60fa83794840fac9cd3dea1d43bd085
     service: