feat: integrate security scanning checks (QEMETRICS-2383)

[Benkapner]

Hey Guy, this PR is the security scanning gate we talked about in QEMETRICS-2380. It adds a new pipeline step that catches dangerous skill submissions before they reach scaffolding and container builds.

What it does

The scanner reads all SKILL.md files in a submission and checks for:

• Prompt injection (20 patterns) - "ignore previous instructions", jailbreak attempts, prompt leaks, encoding tricks, markdown image exfiltration, curl/wget data exfiltration, and more
• Sensitive file references (16 patterns) - ~/.ssh/, ~/.aws/credentials, /etc/shadow, ~/.kube/config, ~/.gnupg/, etc.
• Secret env vars (12 patterns) - $OPENAI_API_KEY, $AWS_SECRET_ACCESS_KEY, $GITHUB_TOKEN, etc.
• Dangerous commands (5 patterns) - sudo, chmod 777, rm -rf /, curl | sh

The scanner is context-aware: patterns inside code blocks or after "for example" become warnings instead of errors. Warnings don't block, errors do.

Where it fits

Runs after validation and before scaffold, in parallel with ai-review. Feature flag enable-security-scan (default on). No LLM calls, no new dependencies.

Files

• abevalflow/security_scanner.py - core scanning module
• scripts/security_scan.py - CLI entry point
• tests/test_security_scan.py - 58 tests
• pipeline/tasks/security_scan.yaml - Tekton task
• pipeline/pipeline.yaml - added parameter, task, updated scaffold runAfter

All 58 tests pass, full suite has no regressions, ruff clean.

Related: QEMETRICS-2383