[StepSecurity] Apply security best practices

Signed-off-by: StepSecurity Bot <[email protected]>

Author: stepsecurity-int[bot]

.github/workflows/code-review.yml

@@ -20,4 +20,4 @@ jobs:
             int.api.stepsecurity.io:443
 
       - name: Code Review
-        uses: step-security/ai-codewise@int
+        uses: step-security/ai-codewise@ab9fe138367d6094b2df7f8469ddc2c5a79c9cf4 # int

.github/workflows/kbanalysis.yml

@@ -31,7 +31,7 @@ jobs:
           repository: step-security/secure-repo
 
       - name: KBAnalysis
-        uses: step-security/secure-workflows/kbanalysis@main
+        uses: step-security/secure-workflows/kbanalysis@48c05bac3ee824094e5177362e800d5bb4ae71cb # main
         with:
           github-token: ${{secrets.PAT}}
           owner: ${{inputs.owner}}