Add submission package security guard #473

Open
Davidrsdiaz wants to merge 1 commit into SCIBASE-AI:main from Davidrsdiaz:codex/scibase-submission-security-18

@Davidrsdiaz

/claim #18

Summary

  • Adds a self-contained Scientific Bounty System submission package security guard for issue Scientific Bounty System #18.
  • Screens solver packages before sponsor/reviewer access for path traversal, unsafe executables, dependency lifecycle scripts, notebook network/shell cells, bundled secret-like environment values, macro-enabled documents, privileged containers, host mounts, and sandbox remediation actions.
  • Generates deterministic JSON, Markdown, SVG, and H.264 MP4 reviewer artifacts from synthetic data only.

Demo

  • scientific-bounty-submission-security-guard/reports/demo.mp4
  • scientific-bounty-submission-security-guard/reports/submission-security-summary.svg

Validation

  • node scientific-bounty-submission-security-guard/test.js
  • node scientific-bounty-submission-security-guard/demo.js
  • node scientific-bounty-submission-security-guard/make-demo-video.js
  • node --check scientific-bounty-submission-security-guard/index.js
  • node --check scientific-bounty-submission-security-guard/sample-data.js
  • node --check scientific-bounty-submission-security-guard/demo.js
  • node --check scientific-bounty-submission-security-guard/test.js
  • node --check scientific-bounty-submission-security-guard/make-demo-video.js
  • ffprobe -v error -select_streams v:0 -show_entries stream=codec_name,width,height,duration,nb_frames -show_entries format=size,duration -of default=noprint_wrappers=1 scientific-bounty-submission-security-guard/reports/demo.mp4 -> H.264, 1280x720, 4.0s, 48 frames
  • git diff --check
  • git diff --cached --check

Safety

Synthetic fixtures only. The module does not execute submitted code, unpack archives, call malware scanners, contact package registries, use credentials, or touch live challenge workspaces.
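
As an added illustration (not code from this pull request or the SCIBASE-AI repository), the following shows how two of the listed checks, path traversal and dependency lifecycle scripts, can be run against a package's file listing and `package.json` contents without unpacking or executing anything. The manifest shape, the function names and the sample entries are assumptions made for this example.

```javascript
// Static screening of a submission manifest: metadata only, nothing unpacked or run.
// Hypothetical names; the lifecycle list is a subset of npm's install-time hooks.
const LIFECYCLE_SCRIPTS = ["preinstall", "install", "postinstall", "prepare"];

// Returns a reason string if the entry path could land outside the package root.
function traversalReason(entryPath) {
  if (entryPath.includes("\0")) return "NUL byte in path";
  if (/^([a-zA-Z]:|[\\/])/.test(entryPath)) return "absolute path";
  let depth = 0;
  // Backslashes count as separators: an extractor on Windows treats them so.
  for (const seg of entryPath.split(/[\\/]+/)) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") {
      if (--depth < 0) return "escapes package root";
    } else {
      depth++;
    }
  }
  return null;
}

function screenManifest(manifest) {
  const findings = [];
  for (const file of manifest.files) {
    const reason = traversalReason(file.path);
    if (reason) findings.push({ rule: "path-traversal", target: file.path, reason });
  }
  const scripts = (manifest.packageJson && manifest.packageJson.scripts) || {};
  for (const name of LIFECYCLE_SCRIPTS) {
    if (typeof scripts[name] === "string") {
      findings.push({ rule: "lifecycle-script", target: name, reason: scripts[name] });
    }
  }
  // Sort by a stable key so the report is deterministic regardless of input order.
  const key = (f) => f.rule + ":" + f.target;
  return findings.sort((a, b) => (key(a) < key(b) ? -1 : key(a) > key(b) ? 1 : 0));
}

// Constructed sample manifest (synthetic; not the PR's fixtures).
const sampleManifest = {
  files: [
    { path: "results/model.csv" },
    { path: "docs/../README.md" }, // resolves inside the root: allowed
    { path: "data/../../etc/cron.d/job" }, // climbs above the root
    { path: "..\\..\\outside.txt" }, // backslash variant
    { path: "/tmp/abs.txt" },
  ],
  packageJson: { scripts: { test: "node test.js", postinstall: "node setup.js" } },
};
console.log(JSON.stringify(screenManifest(sampleManifest), null, 2));
```

Resolving each path segment by segment, rather than searching for the substring `..`, lets `docs/../README.md` pass while any entry whose depth drops below the root is flagged.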
