ci(github-actions): integrate Cisco AI Defense Skill Scanner (#3354)

Creates a new workflow to automatically scan the AI skills directory
for prompt injections and data exfiltration patterns.
Re-organizes skills.md into the Cisco Agent Skills specification format.
Fixes: WEB-836

fix(docs): rename skills file to standard SKILL.md specification

fix(docs): update SKILL.md based on coderabbit suggestion

ci(github-actions): integrate Cisco AI Defense Skill Scanner

Creates a new workflow to automatically scan the AI skills directory
for prompt injections and data exfiltration patterns.
Re-organizes skills.md into the Cisco Agent Skills specification format.
Updates SKILL.md rules.

Fixes: WEB-836

Co-authored-by: Ansh Varshney <your-email@example.com>

Author: ansh-varshney

.github/workflows/scan-skills.yml

@@ -0,0 +1,19 @@
+name: Scan AI Agent Skills
+
+on:
+  push:
+    paths:
+      - 'skills/**'
+  pull_request:
+    paths:
+      - 'skills/**'
+
+jobs:
+  scan:
+    uses: cisco-ai-defense/skill-scanner/.github/workflows/scan-skills.yml@main
+    with:
+      # We tell the scanner to look at the skills directory
+      skill_path: skills
+    permissions:
+      security-events: write
+      contents: read

AGENTS.md

@@ -12,6 +12,7 @@ This is a large-scale financial application. It contains many domain modules (e.
 - **`src/assets/`**: Contains static assets, i18n translation files (`.json`), and customizable environment templates.
 - **`src/environments/`**: Contains build-time environment flags.
 - **`src/theme/`**: Contains global SCSS and Angular Material custom thematic overrides.
+- **`skills/SKILL.md`**: Contains MUST-FOLLOW procedural constraints for AI UI generation (Material UI, i18n variables, file headers). ALWAYS read this before generating components.
 - **Domain Context**: Mifos/Fineract handles financial objects. "Clients" have "Savings" and "Loans". "Offices" are branches. "Centers" and "Groups" are for microfinance group-lending methodologies.
 - **Data Flow**: The UI interacts with Apache Fineract almost exclusively via REST. Expect payload structures to be strictly defined by the Fineract API specification.
 - **State Management**: The app relies heavily on RxJS Observables and route resolvers to fetch and pass data rather than a unified predictable state container like NgRx.

skills.md skills/SKILL.mdskills.md renamed to skills/SKILL.md

@@ -15,7 +15,7 @@ This file defines the procedural knowledge required for AI agents to successfull
 
 - Prefer Angular Material components/directives for interactive UI.
 - Use Material components where they exist (`<mat-table>`, `<mat-select>`) and Material directives on native controls where required (`<button mat-button>`, `<input matInput>`).
-- Use the 8px grid system for margins and padding (e.g., `margin-bottom: 16px;`, NOT `10px` or `15px`).
+- Use the 8px grid system for margins and padding using either utility classes (e.g., `class="m-b-16"`) or inline CSS (e.g., `margin-bottom: 16px;`). Arbitrary values like `10px` or `15px` are strictly prohibited.
 
 **Correct Example:**