Add npm audit job to CI pipeline

- Add security audit job after install step
- Configure audit to fail on medium (moderate) or higher severity vulnerabilities
- Audit job reuses node_modules cache from install job
- Audit job always runs regardless of cache hit status

Fixes CI-126.

Co-authored-by: maor-rozenfeld <49363375+maor-rozenfeld@users.noreply.github.com>

Author: Copilot

.github/workflows/ci.yml

@@ -25,6 +25,21 @@ jobs:
       - name: Install dependencies
         if: steps.node-modules-cache.outputs.cache-hit != 'true'
         run: npm ci --no-audit --no-fund
+  audit:
+    name: Security Audit
+    needs: install
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5.0.1
+      - name: Restore node_modules cache
+        id: node-modules-cache
+        uses: actions/cache/restore@v4.3.0
+        with:
+          path: node_modules
+          key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
+          fail-on-cache-miss: true
+      - name: Run npm audit
+        run: npm audit --audit-level=medium
   lint:
     name: Lint
     needs: install