fix(ci): patch shell injection and unsafe pull_request_target

[stevefulme1]

Summary

• gitleaks.yml: Removed pull_request_target trigger that checked out untrusted PR code with repo write permissions. The pull_request trigger already covers same-repo PRs safely.
• slack-pr-notifications.yml: Moved all user-controlled GitHub context values (PR title, user login, review state) from inline ${{ }} interpolation in run: steps to env: block variables, preventing shell injection via crafted PR titles.

Both vulnerabilities were identified by Semgrep static analysis:

• pull-request-target-code-checkout (ERROR)
• run-shell-injection (ERROR)

Test plan

• Semgrep scan returns clean on both files after the fix
• Gitleaks workflow still triggers on push and pull_request to main
• Slack notifications still fire correctly on PR open/close/review events

🤖 Generated with Claude Code

[spyrexd]

Does this supersede #31 ?

[sabre1041]

@stevefulme1 this looks good. Only outstanding item is that there is a COPYING file that appears to be almost exactly the same as the LICENSE. One we resolve this discussion, we should be able to integrate these changes