add bandit pipeline

Author: DanChov

.github/workflows/security_check.yml

@@ -0,0 +1,23 @@
+name: Security Scan (Bandit)
+
+on: [push, pull_request]
+
+jobs:
+  bandit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.9'
+
+      - name: Install Bandit
+        run: pip install bandit
+
+      - name: Run Bandit
+        # -r znamená rekurzívne (celý priečinok)
+        # -ll filtruje len stredne a vysoko rizikové chyby
+        run: bandit -r . -ll