Description:
The current pr-jest-tests.yml workflow has a critical security vulnerability and several performance inefficiencies.
Vulnerabilities & Issues:
Privilege Escalation Risk: Using the pull_request_target trigger alongside an explicit PR code checkout allows untrusted code to run in a privileged context during dependency installation. A malicious PR could potentially execute arbitrary code (e.g., via npm install lifecycle scripts).
Inefficient Installs: Using npm install without caching slows down the pipeline and introduces non-deterministic dependency trees.
Proposed Solution:
Secure the workflow by switching to the standard pull_request trigger to isolate untrusted code.
Remove the explicit ref checkout override.
Switch to npm ci --ignore-scripts for faster, deterministic, and highly secure dependency installation.
Optimize performance by adding cache: 'npm' to the setup-node action.
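The pattern described in the vulnerability section and the remediation in the proposed solution can be checked mechanically. The script below is an added example, not code from this repository: it embeds two constructed workflow fragments (a risky shape with `pull_request_target`, a PR-head `ref:` checkout and plain `npm install`, and the hardened shape with `pull_request`, no `ref:` override, `npm ci --ignore-scripts` and `cache: 'npm'`) and audits them with a line-based heuristic rather than a full YAML parser. The finding names (`privileged-checkout`, `lifecycle-scripts`, `non-deterministic-install`, `no-cache`) are this example's own labels, not GitHub or npm terminology.

```python
import re

# Constructed sample of the risky shape the issue describes (not the project's actual file).
RISKY_WORKFLOW = """\
name: PR Jest tests
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm install
      - run: npm test
"""

# Constructed sample of the hardened shape the issue proposes.
SAFE_WORKFLOW = """\
name: PR Jest tests
on:
  pull_request:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'npm'
      - run: npm ci --ignore-scripts
      - run: npm test
"""

# Expressions that check out the PR author's code instead of the base branch.
PR_HEAD_REF = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)")
# Any npm install-like command (install, its alias i, or ci).
INSTALL_CMD = re.compile(r"\bnpm\s+(install|i|ci)\b")
# Only the non-lockfile-strict forms (npm ci is excluded here).
MUTABLE_INSTALL = re.compile(r"\bnpm\s+(install|i)\b")


def audit_workflow(text: str) -> list[str]:
    """Return sorted finding labels for a GitHub Actions workflow (heuristic, line-based)."""
    # Drop comment lines so a mention in a comment does not count as a trigger.
    lines = [l for l in text.splitlines() if not l.lstrip().startswith("#")]

    uses_target = any(re.search(r"\bpull_request_target\b", l) for l in lines)
    checks_out_pr_head = any(
        re.match(r"\s*ref\s*:", l) and PR_HEAD_REF.search(l) for l in lines
    )
    run_lines = [l for l in lines if re.match(r"\s*-?\s*run\s*:", l)]
    install_lines = [l for l in run_lines if INSTALL_CMD.search(l)]
    uses_setup_node = any("actions/setup-node" in l for l in lines)
    has_npm_cache = any(re.match(r"\s*cache\s*:\s*['\"]?npm", l) for l in lines)

    findings = []
    # Privileged trigger plus untrusted checkout: the core problem in the issue.
    if uses_target and checks_out_pr_head:
        findings.append("privileged-checkout")
    # Install steps that let package lifecycle scripts run.
    if any("--ignore-scripts" not in l for l in install_lines):
        findings.append("lifecycle-scripts")
    # npm install may rewrite the lockfile; npm ci installs exactly what is locked.
    if any(MUTABLE_INSTALL.search(l) for l in install_lines):
        findings.append("non-deterministic-install")
    # setup-node without cache: 'npm' re-downloads dependencies on every run.
    if uses_setup_node and not has_npm_cache:
        findings.append("no-cache")
    return sorted(findings)


if __name__ == "__main__":
    for name, wf in (("risky", RISKY_WORKFLOW), ("safe", SAFE_WORKFLOW)):
        print(f"{name}: {audit_workflow(wf) or 'no findings'}")
```

Running it reports all four findings for the risky fragment and none for the hardened one. Because the check is line-based, it will miss flow-style YAML such as `on: [pull_request_target]` combined with a `ref:` written on another line, and it treats any `ref:` containing the PR head SHA or branch as a PR-head checkout; a real linter should parse the YAML and walk the `on` and `steps` structures instead.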