In scope=false assets fix

[shivachethanreddy]

Summary:

This PR fixes issue #310, where threat findings from out-of-scope elements were still rendered in generated reports.

The fix centralizes scope filtering inside ReportUtils and updates all report templates to use scope-safe helper methods, preventing accidental leakage of findings.

What was changed
Code:
1)pytm/report_util.py
Added helper methods that return only in-scope findings

Introduced scope-safe accessors for:

threat ID
description
target
severity
references
Prevented templates from directly iterating over raw item.findings

Templates:

1)docs/basic_template.md
2)docs/advanced_template.md
3)docs/reveal.md

All templates were updated to:

Stop accessing item.findings, item.id, item.target, etc. directly
Use ReportUtils helper methods instead (for example: getInScopeFindings, getThreatId, etc.)
This ensures consistent and safe behavior across all report formats.

Why this fixes the bug:

Previously, report templates accessed findings directly, bypassing scope checks.
This caused out-of-scope threats to appear in reports, even when elements were explicitly marked inScope = False.

With this change:

Scope filtering is enforced in one centralized location
Templates cannot accidentally leak out-of-scope findings
All report types behave consistently

How this was verified

Generated reports using:

docs/basic_template.md
docs/advanced_template.md
docs/reveal.md

Verified that:

No templates reference item.findings, item.id, item.target, or item.severity
Out-of-scope elements do not render findings
In-scope elements render findings correctly
Existing report structure remains unchanged aside from the bug fix
Commits included
Fix threat leakage into out-of-scope elements
Prevent out-of-scope threats from rendering in reports
(Commits can be squashed if preferred.)

Notes:

No functional behavior outside report rendering was changed
No new dependencies were added
Changes are strictly limited to what is required to fix issue #310

[izar]

thank you!