Add comprehensive security scanning in CI/CD

[RUKAYAT-CODER]

Automated security scans in pipeline.

Acceptance Criteria:

• SAST scanning
• Dependency scanning
• Container image scanning
• Secrets scanning

[Max-Owolabi]

@Max-Owolabi has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

I am a software engineer with knowledge with resolving issues of this nature

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Max-Owolabi to this issue.

[SamixYasuke]

@SamixYasuke has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi maintainer, I’d like to work on this by integrating CI security checks for SAST, dependency vulnerabilities, container image scanning, and secrets detection into the existing pipeline, ensuring all scans run automatically on PRs and block merges on critical findings while keeping the workflow modular and maintainable.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @SamixYasuke to this issue.

[drips-wave]

Congratulations, @Max-Owolabi! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @Max-Owolabi: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊