fix(fraud): prevent None agent_notes writing literal "None" string to DB #265

Open

sshekhar-04 wants to merge 1 commit into GenAI-Security-Project:main from sshekhar-04:fix/bug-044-agent-notes-none-fraud

Conversation

@sshekhar-04

Problem

Fixes #146

When update_vendor_risk and update_fraud_agent_notes are called
with agent_notes=None, f-string interpolation writes the literal
string "[Fraud Agent] None" into the vendor audit trail.

This pollutes forensic records and causes CTF detectors to produce
spurious matches on fraud agent notes.

Fix

Added or '' guard with .strip() on agent_notes before
f-string interpolation in both affected functions.

Before:

new_notes = f"{existing_notes}\n\n[Fraud Agent] {agent_notes}"

After:

new_notes = f"{existing_notes}\n\n[Fraud Agent] {agent_notes or ''}".strip()

Files Changed

  • finbot/tools/data/fraud.py — fixed 2 occurrences
  • tests/unit/tools/test_fraud.py — added 5 tests

Tests

  • test_none_agent_notes_no_literal_none
  • test_normal_notes_appended
  • test_empty_existing_notes_stripped
  • test_none_agent_notes_no_literal_none (fraud agent notes) ✅
  • test_normal_notes_appended (fraud agent notes) ✅
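To make the failure mode concrete, here is an added example (my code, not the PR's or finbot's own helpers): the before and after forms side by side, a stricter variant that skips the append when there is nothing to record, and a check that finds already-polluted audit entries without tripping on notes that merely begin with "None". Function names, the tag constant and the sample trail entries are constructed for the example.

```python
import re
from typing import List, Optional

TAG = "[Fraud Agent]"
# Matches a tag line whose whole note text is the word "None" (not "Nonexistent ...").
LITERAL_NONE = re.compile(re.escape(TAG) + r"\s*None\s*$", re.MULTILINE)


def append_notes_before(existing_notes: str, agent_notes: Optional[str]) -> str:
    """The 'before' form from the PR: f-string interpolation turns None into 'None'."""
    return f"{existing_notes}\n\n{TAG} {agent_notes}"


def append_notes_after(existing_notes: str, agent_notes: Optional[str]) -> str:
    """The PR's 'after' form: `or ''` blocks the literal None and .strip()
    trims the leading blank lines when existing_notes is empty."""
    return f"{existing_notes}\n\n{TAG} {agent_notes or ''}".strip()


def append_notes_skip_empty(existing_notes: str, agent_notes: Optional[str]) -> str:
    """Stricter variant (my suggestion, not in the PR): leave the trail
    untouched when the agent supplied no text, instead of appending a bare tag."""
    text = (agent_notes or "").strip()
    if not text:
        return existing_notes
    return f"{existing_notes}\n\n{TAG} {text}".strip()


def find_literal_none_entries(trail: List[str]) -> List[int]:
    """Return indices of audit entries already polluted by a bare 'None' note."""
    return [i for i, entry in enumerate(trail) if LITERAL_NONE.search(entry)]


# Constructed sample audit-trail entries, not real records.
SAMPLE_TRAIL = [
    "Vendor flagged by rules engine\n\n[Fraud Agent] Invoice amount matches PO",
    "Vendor flagged by rules engine\n\n[Fraud Agent] None",
    "[Fraud Agent] Nonexistent vendor in registry",
]

if __name__ == "__main__":
    print(repr(append_notes_before("Vendor flagged", None)))
    print(repr(append_notes_after("Vendor flagged", None)))
    print(find_literal_none_entries(SAMPLE_TRAIL))
```

Running it shows that the `or ''` guard stops the literal "None" but still appends an empty "[Fraud Agent]" tag when agent_notes is None, which is why the stricter variant is included alongside it.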

@stealthwhizz
Contributor

stealthwhizz commented Mar 22, 2026

@sshekhar-04 I think this issue is already solved! Could you look into it once?
Because the bug was fixed in main before my PR was created!

@sshekhar-04
Author

@stealthwhizz I have seen your PR (#263) for this, but the core issue was not fixed in main so to fix that, I have created this PR.


Development

Successfully merging this pull request may close these issues.

Bug_044_MUST_FIX: Test Case FRAUD-UPD-006 — update_vendor_risk with agent_notes=None writes literal "None" into vendor notes
