docs: add system architecture, threat model, and data pipeline documentation

[TrishaG189]

Summary

Adds a foundational architecture.md document to the repository. As the project scales across multiple clouds (AWS, GCP) and contributors, it is critical to have a single source of truth explaining how the pieces fit together and the security boundaries we are enforcing.

What this adds

• Mermaid.js System Diagram: Visually maps out the multi-cloud sensor nodes feeding back into the centralized AWS management plane.
• Network Philosophy: Explicitly documents our "contain, don't propagate" egress rules.
• Threat Model: A table detailing the assets we are protecting (Log integrity, TF state, Cloud IAM) and the mitigations we have put in place (append-only logs, least-privilege SA, DynamoDB locking).

Why this matters

New contributors need to understand why we build things a certain way (e.g., why we need remote state, why egress is restricted). This document serves as the onboarding blueprint and the standard against which future architectural decisions can be reviewed.

Resolves #12