fix: Fix git path issue in PR creation step

Work from repo root instead of backend directory for git operations.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: surinderunitone

.github/workflows/security-guard.yml

@@ -219,13 +219,13 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          # Check for changes in backend
-          cd backend
+          # Work from repo root
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
 
-          if git diff --quiet -- . ':!manifest.json' ':!security-report.json'; then
-            echo "No code changes to commit"
+          # Check for Python file changes
+          if ! git diff --name-only | grep -q '\.py$'; then
+            echo "No Python file changes to commit"
             echo "pr_created=false" >> $GITHUB_OUTPUT
             exit 0
           fi
@@ -234,8 +234,8 @@ jobs:
           BRANCH_NAME="fix/security-$(date +%Y%m%d-%H%M%S)"
           git checkout -b "$BRANCH_NAME"
 
-          # Commit ONLY the Python files that were fixed (exclude workflow, manifest, reports)
-          git diff --name-only HEAD | grep '\.py$' | xargs -r git add
+          # Commit ONLY the Python files that were fixed
+          git diff --name-only | grep '\.py$' | xargs git add
           git commit -m "fix: Security vulnerability fixes
 
           Automated fixes by UnitOneFlow Security Guard.
@@ -247,7 +247,7 @@ jobs:
           # Push branch
           git push -u origin "$BRANCH_NAME"
 
-          # Create PR
+          # Create PR (use cd to go back to repo root for gh command)
           PR_URL=$(gh pr create \
             --title "[Security] Fix ${{ steps.detect.outputs.count }} vulnerability(s)" \
             --body "## Security Vulnerability Fixes