add sample security scan workflow

Author: r1anl3

.github/workflows/security_scan.yml

@@ -0,0 +1,29 @@
+name: Security Scan (Ruby)
+
+on:
+  push:
+    # branches: [ main ]
+    branches: [ VuLH ]
+  pull_request:
+
+jobs:
+  trivy-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Trivy FS scan (Ruby dependencies)
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: fs
+          severity: HIGH,CRITICAL
+          ignore-unfixed: true
+          format: table
+          output: trivy-report.txt
+
+      - name: Upload Trivy report
+        uses: actions/upload-artifact@v4
+        with:
+          name: trivy-report
+          path: trivy-report.txt