prep docs and service updates

docs/modules/findings-ledger/schema.md

@@ -161,6 +161,10 @@ Stores the latest verdict/state per finding.
 | `policy_version` | `text` | Active policy digest. |
 | `status` | `text` | e.g., `affected`, `triaged`, `accepted_risk`, `resolved`. |
 | `severity` | `numeric(6,3)` | Normalised severity score (0-10). |
+| `risk_score` | `numeric(6,3)` | Risk scoring result (0-10) from Risk Engine/Policy. |
+| `risk_severity` | `text` | Risk category (e.g., `low`, `medium`, `high`, `critical`). |
+| `risk_profile_version` | `text` | Risk profile hash/version used for scoring. |
+| `risk_explanation_id` | `uuid` | Reference to risk explanation document. |
 | `labels` | `jsonb` | Key-value metadata (tags, KEV flag, runtime signals). |
 | `current_event_id` | `uuid` | Ledger event that produced this state. |
 | `explain_ref` | `text` | Reference to explain bundle or object storage key. |
@@ -173,6 +177,7 @@ Primary key: `(tenant_id, finding_id, policy_version)`.
 Indexes:
 
 - `ix_projection_status` on `(tenant_id, status, severity DESC)`.
+- `ix_projection_risk` on `(tenant_id, risk_severity, risk_score DESC)`.
 - `ix_projection_labels_gin` using `labels` GIN for KEV/runtime filters.
 
 ### 4.2 `finding_history`