fix(ci): replace gitleaks-action with container-based gitleaks

The gitleaks-action@v2 requires a paid license for organization repos.
Run gitleaks directly from the dev-toolchain image instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: matthew-on-git

.github/workflows/ci.yml

@@ -33,6 +33,9 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Run gitleaks
-        uses: gitleaks/gitleaks-action@v2
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          docker run --rm \
+            -v "$(pwd):/workspace" \
+            -w /workspace \
+            ghcr.io/devrail-dev/dev-toolchain:v1 \
+            gitleaks detect --source /workspace --verbose