feat(api): add invoice verification pipeline integration hook

[EmmyKay0026]

Closes #49

---

This PR implements a robust Invoice Verification Pipeline to perform fraud checks, business validation, and security sanitization before any invoice is approved for tokenization. This ensures that only high-quality, safe data enters the LiquiFact ecosystem.

Key Changes

• New Verification Service: Created

src/services/invoiceVerification.js
to house modular validation logic.

Fraud Prevention: Rejects invoices with non-positive amounts or those exceeding a maximum threshold ($10M).
Business Rules: Flags high-value invoices (>= $1M) for MANUAL_REVIEW.
Security Sanitization: Scans customer data for suspicious characters (XSS/Injection patterns).

-API Integration: Integrated the hook into the POST /api/invoices endpoint.
Invoices are now created with a dynamic status (VERIFIED, REJECTED, or MANUAL_REVIEW).
Added verificationReason to provide transparency on the pipeline's decision.

• Documentation: Added an "Invoice Verification Pipeline" section to the README.md explaining the security assumptions and business logic.

Test Coverage
The new implementation adheres to the project's 95%+ coverage requirement.

• src/services/invoiceVerification.js: 100% Statements / 100% Lines.
• src/index.js (modified logic): ~97% Line coverage.

Security Note

• Implements strict type checking and value range validation.
• Sanitizes input strings against common web attack vectors.
• Uses JSDoc to clearly define security assumptions for future maintainers.

[drips-wave]

@EmmyKay0026 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

[EmmyKay0026]

@Liquifact
Are there any feedback on my implementation?

[mikewheeleer]

Resolve the conflicts & revert the changes in package-lock.json