
Add mcp-safety-scanner CI (baseline) #10

Workflow file for this run

name: MCP Safety Scan
on:
  push:
    branches:
      - main
    paths:
      - "src/**"
      - ".github/workflows/mcp-safety-scan.yml"
      - ".mcp-safety-baseline.json"
  pull_request:
    paths:
      - "src/**"
      - ".github/workflows/mcp-safety-scan.yml"
      - ".mcp-safety-baseline.json"
permissions:
  contents: read
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      # Pin the action version for supply-chain safety.
      - uses: TheodorNEngoy/mcp-safety-scanner@5ecea148c56d0e38b297623f9eb6b467e2fccf71 # v0.4.8
        with:
          path: src
          baseline: .mcp-safety-baseline.json
          fail-on: high
          format: github
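
The workflow pins the scanner step to a full commit SHA, while the other two `uses:` steps reference the `v4` tag, which is a movable name. The following is an added example, not part of this repository's workflow, that reports which `uses:` references in a workflow are pinned to a full commit SHA; the function names and the embedded sample text are assumptions made for illustration.

```python
import re

# Constructed sample: the three `uses:` steps from the workflow above.
SAMPLE_WORKFLOW = """\
steps:
  - uses: actions/checkout@v4
  - uses: actions/setup-node@v4
    with:
      node-version: 20
  - uses: TheodorNEngoy/mcp-safety-scanner@5ecea148c56d0e38b297623f9eb6b467e2fccf71 # v0.4.8
"""

# Value of a `uses:` key, stopping at quotes, whitespace or a trailing comment.
USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def classify(ref):
    """Return 'local', 'pinned' or 'mutable' for one `uses:` value."""
    if ref.startswith("./"):
        return "local"  # action stored in the same repository checkout
    if ref.startswith("docker://"):
        return "pinned" if DIGEST_RE.search(ref) else "mutable"
    _, sep, version = ref.rpartition("@")
    if sep and FULL_SHA_RE.match(version):
        return "pinned"  # a full commit SHA always names the same commit
    return "mutable"  # tag, branch, short SHA or missing ref


def audit(workflow_text):
    """Return (line_number, ref, status) for every `uses:` line."""
    findings = []
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if match:
            ref = match.group(1)
            findings.append((number, ref, classify(ref)))
    return findings


def unpinned(workflow_text):
    """References a reviewer should flag: resolved through a movable name."""
    return [ref for _, ref, status in audit(workflow_text) if status == "mutable"]


if __name__ == "__main__":
    for number, ref, status in audit(SAMPLE_WORKFLOW):
        print(f"line {number}: {status:8} {ref}")
```

The check is text-based, so it also covers job-level `uses:` references to reusable workflows, but it does not verify that the SHA matches the version named in the trailing comment.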