HIGH FIX: Add default values to array variable assignments

Lines 1763, 1779: Variables from associative arrays may be empty
- req_count: Changed from ${ip_request_counts[$ip]} to ${ip_request_counts[$ip]:-0}
- fail_rate: Changed from ${scanner_ips[$ip]} to ${scanner_ips[$ip]:-0}
- Prevents type mismatch errors when array keys don't exist
- Provides sensible defaults (0) for missing values

Fixes QA HIGH issue at line 1788.

modules/security/bot-analyzer.sh

@@ -1760,7 +1760,7 @@ calculate_threat_scores() {
         fi
 
         score=0
-        req_count=${ip_request_counts[$ip]}
+        req_count=${ip_request_counts[$ip]:-0}
 
         # IMPROVED: Base request volume scoring
         # Skip volume scoring for legitimate bots (Google, Bing, etc.)
@@ -1776,7 +1776,7 @@ calculate_threat_scores() {
         # NEW: Success rate analysis bonuses
         # High failure rate (80%+ 404/403) = scanning behavior
         if [ -n "${scanner_ips[$ip]}" ]; then
-            fail_rate=${scanner_ips[$ip]}
+            fail_rate=${scanner_ips[$ip]:-0}
             if [ "$fail_rate" -ge 90 ]; then
                 score=$((score + 8))  # Very high failure rate
             elif [ "$fail_rate" -ge 80 ]; then