Document expected security findings baseline in campaign worker workflows #11465

Closed
Copilot wants to merge 3 commits into main from copilot/check-worker-workflows

Contributor

Copilot AI commented Jan 23, 2026

Worker workflows in the Security Alert Burndown Campaign lacked baseline context about expected findings distribution across the repository.

Changes

Added Campaign Context section to each worker workflow documenting:

  • Total expected findings: 21 security alerts
  • Breakdown by type: 1 Dependabot, 3 Code scanning, 17 Secret scanning
  • Each worker's specific responsibility within the campaign

Modified Workflows

  • code-scanning-fixer.md - handles 3 code scanning alerts
  • security-fix-pr.md - handles 3 code scanning alerts
  • dependabot-bundler.md - handles 1 Dependabot alert
  • secret-scanning-triage.md - handles 17 secret scanning alerts

Example

```markdown
## Campaign Context

This workflow is part of the **Security Alert Burndown Campaign**, which expects to find and address **21 total security findings** across the repository:
- **17 Secret scanning alerts** (this workflow addresses these)
- **3 Code scanning alerts** (handled by code-scanning-fixer and security-fix-pr workflows)
- **1 Dependabot alert** (handled by dependabot-bundler workflow)

Your focus is on the **17 secret scanning alerts**.
```

This context helps workers understand their scope within the campaign's objectives and prioritize work accordingly.

Original prompt

Check worker workflows instructions from Security Alert Burndown campaign: We should have 21 security findings by Security Alert Burndown Campaign: 1 from Dependabot, 3 from Code scanning, and 17 from secret scanning



Copilot AI and others added 2 commits January 23, 2026 06:49
Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com>
- Added Campaign Context section to code-scanning-fixer.md
- Added Campaign Context section to security-fix-pr.md
- Added Campaign Context section to dependabot-bundler.md
- Added Campaign Context section to secret-scanning-triage.md
- Documented expected 21 total security findings breakdown:
  * 3 Code scanning alerts
  * 1 Dependabot alert
  * 17 Secret scanning alerts
- Recompiled workflows to update lock files

Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com>
Copilot AI changed the title [WIP] Review worker workflows for security findings Document expected security findings baseline in campaign worker workflows Jan 23, 2026
Copilot AI requested a review from mnkiefer January 23, 2026 06:58
@mnkiefer mnkiefer closed this Jan 23, 2026