feature: Cursor-CLI Agent #429

	name: Security

	on:
	push:
	branches: [main, master]
	pull_request:
	schedule:
	- cron: '0 0 * * 0' # Weekly on Sunday
	workflow_dispatch:

	permissions:
	contents: read
	security-events: write

	jobs:
	codeql:
	name: CodeQL Analysis
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v6

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v4
	with:
	languages: python

	- name: Autobuild
	uses: github/codeql-action/autobuild@v4

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v4

	safety:
	name: Dependency Security Scan
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v6

	- name: Set up Python
	uses: actions/setup-python@v6
	with:
	python-version: '3.12'

	- name: Install dependencies
	run: \|
	pip install safety

	- name: Run safety check
	run: \|
	safety check --json \|\| true

Provide feedback