In rust-vmm we run cargo audit on every PR/merge.
I think we can do something similar to be more reactive. For example, the security advisory related to #816 was published more than 1 month ago.
In addition to every PR/merge, maybe we can also run a daily/weekly task to check our deps using https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule
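An added example of what such a workflow could look like (not the project's existing CI config): it runs `cargo audit` on every PR and merge and additionally on a daily cron schedule via the `schedule` trigger linked above. The action names, branch name and cron time are assumptions.

```yaml
# Example workflow, not the project's own: audit Rust dependencies
# on PRs, on merges to the default branch, and once a day on a schedule
# so newly published RustSec advisories are caught without a new commit.
name: cargo-audit

on:
  pull_request:
  push:
    branches: [main]        # assumed default branch name
  schedule:
    # Daily at 06:00 UTC; GitHub evaluates cron expressions in UTC and
    # runs scheduled workflows against the default branch only.
    - cron: '0 6 * * *'
  workflow_dispatch:        # allow a manual run when an advisory lands

permissions:
  contents: read            # the job only needs to read Cargo.lock

jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: dtolnay/rust-toolchain@stable
      - name: Install cargo-audit
        run: cargo install cargo-audit --locked
      - name: Audit dependencies
        # Fails the job on any advisory; add --deny warnings to also
        # fail on unmaintained/yanked crates.
        run: cargo audit
```

Because the scheduled run is tied to the default branch, a new advisory shows up as a failing workflow on `main` rather than on an open PR.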