Add researcher affiliation attestation guard

[Jorel97]

/claim #11

Summary

• Add a self-contained researcher affiliation and grant attestation guard for SCIBASE User & Project Management.
• Validate public profile claims for ORCID/SSO/admin evidence, expired appointments, institutional email-domain matching, multiple active public institutions, grant consent, evidence receipts, and whether unverified claims feed invitations or reputation scoring.
• Include synthetic trusted/risky profile packets plus reviewer artifacts in JSON, Markdown, SVG, GIF, and MP4 formats.

Distinct scope

This is not another RBAC/workspace ledger, privacy access review, member lifecycle/offboarding, institutional recertification, anonymous-review escrow, data-room consent, researcher profile sync, archive handoff, access-audit anomaly, role delegation, invitation-domain/MFA, funding attribution, service-token governance, deletion/erasure, break-glass access, visibility transition, provisioning baseline, object-permission inheritance, session step-up, collaborator COI, data-residency, authoring artifact integrity, ORCID publication disambiguation, or access denial appeal slice. It focuses only on public affiliation/grant attestation before profile claims influence project trust or reputation.

Validation

• npm test
• npm run demo
• npm run demo:video

Demo video

• researcher-affiliation-attestation-guard/reports/demo.mp4