Running a security audit in CI (SARIF)

Note

Placeholder page. This will cover wiring /audit-security --format sarif into a CI pipeline, tuning --standard, and ingesting findings as GitHub code-scanning alerts.