Add security patterns based on common vulnerability types

[S3DFX-CYBER]

The current config/security_patterns.json contains generic patterns but lacks coverage for common real-world vulnerability types that frequently appear in web applications and open-source projects.

Proposed Solution

Expand config/security_patterns.json with patterns for the top 10 most common vulnerability types in web applications, each including:

1. File pattern matching (which files trigger this pattern)
2. Label pattern matching (which issue labels trigger this pattern)
3. Severity level (info/warning/critical)
4. Specific guidance (actionable advice, not generic warnings)
5. OWASP documentation links (relevant cheat sheets and references)

[github-actions]

🛡️ BLT Preflight Security Advisory

This advisory system helps you understand security expectations before contributing.

---

🔵 Security Information

General Security Guidance

Thank you for contributing! Please review these general security best practices.

Recommendations:

• Review OWASP Top 10 security risks
• Ensure input validation is in place
• Check for proper error handling
• Verify authentication and authorization
• Avoid hardcoding sensitive information

Learn more:

• https://owasp.org/www-project-top-ten/
• https://cheatsheetseries.owasp.org/

---

This is an advisory system - not enforcement. These suggestions help prevent common security issues.

Questions? Check our documentation or ask a maintainer.

[S3DFX-CYBER]

@DonnieBLT i would like to work on this issue, if this is legit

[stealthwhizz]

@DonnieBLT Could you assign me this?

it has been 2 weeks since assigned and a PR has not been sent solving this issue .

@S3DFX-CYBER I would love helping you in this if you need my help or could i take this Issue?

[stealthwhizz]

@S3DFX-CYBER is this issue linked with #10 ?

[S3DFX-CYBER]

@stealthwhizz yes sry i forgot to mention this issue in the pr

[stealthwhizz]

@S3DFX-CYBER its ok.. Peace

[S3DFX-CYBER]

@stealthwhizz would love a review if possible

[sushantkhemalapure]

Hi, I see there is already a PR for this.
I’d like to contribute further by improving or extending the security patterns.
Please let me know if that would be helpful.

[S3DFX-CYBER]

@sushantkhemalapure thanks but let's just keep a wait till gsoc