fix: improve safety scan to handle vulnerabilities properly

- Capture safety exit code separately to avoid job failure
- Upload safety exit code as artifact for analysis
- This allows security audit to complete even with vulnerabilities found

Author: AlmostBald-TRADING

.github/workflows/ci.yml

@@ -84,7 +84,7 @@ jobs:
           pip install safety pip-audit
       - name: Security audit
         run: |
-          safety check --json > safety-results.json || echo '{"vulnerabilities": []}' > safety-results.json
+          safety check --json > safety-results.json; echo $? > safety-exit-code.txt
           pip-audit --desc --format=json --output=audit-results.json
       - name: Upload security audit results
         if: always()
@@ -93,6 +93,7 @@ jobs:
           name: security-audit-results
           path: |
             safety-results.json
+            safety-exit-code.txt
             audit-results.json
 
   pre-commit: