Add PR Code Security Workflow #409

Merged. luiz1361 merged 1 commit into main from infra/add-pr-code-security-20260306122951, Mar 6, 2026

luiz1361 (Contributor) commented Mar 6, 2026

Summary

Adds a GitHub Actions workflow that runs on every pull request targeting the default branch:

  • Secret Detection - reusable workflow from prisma/.github
  • Code Scanning - reusable workflow from prisma/.github

Both workflows are maintained centrally in prisma/.github and invoked via uses: with secrets: inherit.

Why

Ensures all PRs are scanned for leaked secrets and code security issues before merge.

Summary by CodeRabbit

  • Chores
    • Enhanced pull request security workflow by integrating automated secret detection and code scanning checks to ensure code quality and prevent security vulnerabilities from being merged.

@luiz1361 luiz1361 self-assigned this Mar 6, 2026
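
An added example, not part of this PR or of prisma/.github: a small check that lists each job calling a remote reusable workflow via uses:, whether its ref is a full commit SHA, and whether secrets: inherit hands the called workflow every secret available to the caller. The sample workflow is constructed; its workflow file names and refs are placeholders because the real file is not shown in this conversation.

```python
import re

# Constructed sample: the PR's workflow file is not reproduced on this page.
# Both workflow file names and both refs are placeholders, not real values.
SAMPLE_WORKFLOW = """\
on:
  pull_request:
    branches: [main]
jobs:
  secret-detection:
    uses: prisma/.github/.github/workflows/SECRET-DETECTION-PLACEHOLDER.yml@main
    secrets: inherit
  code-scanning:
    uses: prisma/.github/.github/workflows/CODE-SCANNING-PLACEHOLDER.yml@0123456789abcdef0123456789abcdef01234567
    secrets: inherit
  lint:
    runs-on: ubuntu-latest
"""

# Job-level call to a reusable workflow in another repository: owner/repo/path.yml@ref
REMOTE_CALL = re.compile(r"uses:\s*['\"]?([\w.-]+/[\w.-]+)/(\S+?\.ya?ml)@([^\s'\"#]+)")
FULL_SHA = re.compile(r"[0-9a-f]{40}")

def audit_reusable_calls(workflow_text):
    """Return one record per job that calls a remote reusable workflow."""
    jobs, in_jobs, job_indent = [], False, None
    for line in workflow_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip(" "))
        if indent == 0:  # top-level key: entering or leaving the `jobs:` map
            in_jobs, job_indent = stripped == "jobs:", None
            continue
        if not in_jobs:
            continue
        if job_indent is None:
            job_indent = indent  # indentation of the first job id
        if indent == job_indent:  # a new job id such as `code-scanning:`
            jobs.append({"job": stripped.rstrip(":"), "repo": None, "ref": None,
                         "pinned": False, "inherits_secrets": False})
            continue
        call = REMOTE_CALL.match(stripped)
        if call:
            jobs[-1].update(repo=call.group(1), ref=call.group(3),
                            pinned=bool(FULL_SHA.fullmatch(call.group(3))))
        elif re.match(r"secrets:\s*inherit\b", stripped):
            jobs[-1]["inherits_secrets"] = True
    return [j for j in jobs if j["repo"]]
```

A record with pinned False and inherits_secrets True marks a call where a change to the referenced branch or tag in the central repository changes what runs with this repository's secrets.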

coderabbitai bot commented Mar 6, 2026

Walkthrough

A new GitHub Actions workflow file was added that triggers on pull requests to the main branch. It orchestrates two reusable workflows for secret detection and code scanning from a shared GitHub Actions repository, running both jobs as part of the PR validation process.

Changes

Cohort / File(s): GitHub Actions Workflow (.github/workflows/pr-code-security.yml)
Summary: New workflow file that defines PR-triggered security checks. Composes two reusable workflows: secret detection and code scanning, both sourced from prisma/.github and guarded by pull_request event conditions.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title 'Add PR Code Security Workflow' directly and clearly summarizes the main change: adding a GitHub Actions workflow for PR code security checks.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 2


📥 Commits

Reviewing files that changed from the base of the PR and between a5dffa0 and 07f775a.

📒 Files selected for processing (1)
  • .github/workflows/pr-code-security.yml

@Nova-ZA Nova-ZA left a comment

Approved.

@luiz1361 luiz1361 merged commit a6b4fcd into main Mar 6, 2026
6 of 35 checks passed
@luiz1361 luiz1361 deleted the infra/add-pr-code-security-20260306122951 branch March 6, 2026 12:48