ci: fix security_scan push trigger branch and add workflow timeout

[divyamagrawal06]

Description

Fix Security Scans workflow trigger and add minimal guardrails.

Related Issue

Fixes #6181

PR Category

• Bug Fix: Fixes a bug or incorrect behavior
• Feature: Adds new functionality
• Performance: Improves performance (load time, memory, rendering, etc.)
• Tests: Adds or updates test coverage
• Documentation: Updates to docs, comments, or README

Changes Made

• Updated .github/workflows/security_scan.yml push trigger branch from main to master.
• Added top-level workflow permissions: contents: read.
• Added job timeout: timeout-minutes: 10.

Testing Performed

• npx prettier --check .github/workflows/security_scan.yml passes.
• Security Scans workflow was run manually from GitHub Actions on this branch and passed.
• Linter passes.
• Existing unrelated test failures remain; no application/runtime code changed in this PR.

Checklist

• I have tested these changes locally and they work as expected.
• I have added/updated tests that prove the effectiveness of these changes.
• I have updated the documentation to reflect these changes, if applicable.
• I have followed the project's coding style guidelines.
• I have run npm run lint and npx prettier --check . with no errors.
• I have addressed the code review feedback from the previous submission, if applicable.

[github-actions]

❌ Some Jest tests failed. Please check the logs and fix the issues before merging.

Failed Tests:

GraphicsBlocks.test.js

[parthdagia05]

@divyamagrawal06 you have unnecessary formatting changes can you fix that

[github-actions]

❌ Some Jest tests failed. Please check the logs and fix the issues before merging.

Failed Tests:

GraphicsBlocks.test.js

[divyamagrawal06]

@parthdagia05 Reverted the formatting.
(And officially disabled prettier for yaml files in this project lol)