Refactor security target into dedicated security/ folder

[Copilot]

Security scanning targets (pip-audit, bandit) were buried in tests/tests.mk. Extracted to security/security.mk for better discoverability and consistency with other feature modules (docker/, book/, presentation/).

Changes

• Created security/security.mk with security target
• Removed security target from tests/tests.mk
• Updated .rhiza/rhiza.mk to include security/security.mk

The security target behavior is unchanged:

security: install ## run security scans (pip-audit and bandit)
	@${UVX_BIN} pip-audit
	@${UVX_BIN} bandit -r ${SOURCE_FOLDER} -ll -q

Now surfaces in make help under dedicated ##@ Security section.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Make security an own folder with security.mk</issue_title>
<issue_description>currently security jobs are hidden test.mk</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Make security an own folder with security.mk #432

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[HarryCampion]

This might be overkill to have its' own folder? unless you envisage artefacts like we see in presentation, book, docker etc?

[tschm]

would it be better to have security.mk in make.d? Or no security.mk at all? Currently it's hidden in test.mk. Some users won't use tests, e.g. no tests folder, no test.mk and hence rhiza_security will fail as 'make security' will fail