Add security review, specific to OpenFn #4476

Open

taylordowns2000 wants to merge 4 commits into main from security-reviewer

Conversation

taylordowns2000 (Member) commented Feb 27, 2026

This PR adds an OpenFn-specific security reviewer, and a GitHub action to call it on PRs that are ready for review.

Closes #4521

AI Usage

Please disclose whether you've used AI anywhere in this PR (it's cool, we just
want to know!):

  • I have used Claude Code
  • I have used another model
  • I have not used AI

You can read more details in our
Responsible AI Policy

Pre-submission checklist

  • I have performed an AI review of my code (we recommend using /review
    with Claude Code)
  • I have implemented and tested all related authorization policies.
    (e.g., :owner, :admin, :editor, :viewer)
  • I have updated the changelog.
  • I have ticked a box in "AI usage" in this PR

@github-project-automation github-project-automation bot moved this to New Issues in Core Feb 27, 2026
codecov bot commented Feb 27, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.43%. Comparing base (e7c8d51) to head (86125f5).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4476      +/-   ##
==========================================
- Coverage   89.47%   89.43%   -0.05%     
==========================================
  Files         425      425              
  Lines       20212    20212              
==========================================
- Hits        18085    18076       -9     
- Misses       2127     2136       +9     

@taylordowns2000 taylordowns2000 changed the title security review, specific to OpenFn Add security review, specific to OpenFn Feb 27, 2026
@taylordowns2000 taylordowns2000 marked this pull request as ready for review February 27, 2026 09:06
@taylordowns2000 taylordowns2000 marked this pull request as draft February 27, 2026 10:35
@taylordowns2000 taylordowns2000 marked this pull request as ready for review February 27, 2026 10:35
brandonjackson (Contributor) left a comment

Very cool! Will be interesting to keep an eye on false negatives.

@taylordowns2000 taylordowns2000 requested a review from stuartc March 10, 2026 14:44
Development

Successfully merging this pull request may close the linked issue: "Run permissions & audit trail checks on PRs".