Add receipt input JSON and SHA256 hash for CVSS policy scoring tests

- Introduced a new JSON fixture `receipt-input.json` containing base, environmental, and threat metrics for CVSS scoring.
- Added corresponding SHA256 hash file `receipt-input.sha256` to ensure integrity of the JSON fixture.

bench/reachability-benchmark/benchmark/templates/determinism/js.env

@@ -0,0 +1,5 @@
+# Deterministic defaults for JavaScript/Node cases
+SOURCE_DATE_EPOCH=1730000000
+NODE_OPTIONS=--no-deprecation
+NPM_CONFIG_FUND=false
+NPM_CONFIG_AUDIT=false