eat: add ManualVerification model and migration for manual control verification

[AaronAlijani]

This PR adds the database model and migration for the manual control verification feature (25T3-RES-x-0xx). This addresses the gap where CIS controls that cannot be automatically scanned need a way for users to submit Pass or Fail results.

Changes:

• Added ManualVerification model in backend-api/app/models/manual_verification.py
• Registered the model in backend-api/app/models/init.py
• Created Alembic migration to add the manual_verification table

Table structure:

• scan_id — links to the parent scan (FK with CASCADE)
• control_id — which CIS control this verification is for
• user_id — who submitted the verification (FK with CASCADE)
• status — passed or failed
• comment — optional explanation
• created_at / updated_at — timestamps

Next steps (separate PRs):

• Pydantic schemas for request/response validation
• CRUD API endpoints

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a61d8e8118

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[du-dhartley]

Haven't ignored this one - there's discussion happening in teams about two different approaches. This PR will be updated after this has been discussed.

[du-dhartley]

@AaronAlijani Was this PR redundant after the following PR you submitted?

[AaronAlijani]

Yes, PR #148 is redundant. PR #166 replaces it with the redesigned manual_scan_result_detail table based on our discussion about keeping scan_result as the single source of truth. This PR can be closed.