chore: add zizmor workflow for GitHub Actions security analysis

Agent-Logs-Url: https://github.com/CycloneDX/cyclonedx-python-lib/sessions/f5512c78-6b6d-46ca-adf5-4cf6045187b0

Co-authored-by: jkowalleck <2765863+jkowalleck@users.noreply.github.com>

Author: Copilot

.github/workflows/zizmor.yml

@@ -0,0 +1,36 @@
+# Analyzes all GitHub Actions workflows for security issues using zizmor.
+# docs: https://docs.zizmor.sh/
+name: Workflow Security Analysis (zizmor)
+
+on:
+  pull_request:
+    paths:
+      - ".github/workflows/**"
+  schedule:
+    # Every Saturday at 00:00 UTC
+    - cron: "0 0 * * 6"
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  zizmor:
+    name: zizmor
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: Checkout
+        # see https://github.com/actions/checkout
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        with:
+          persist-credentials: false
+      - name: Run zizmor
+        # see https://github.com/zizmorcore/zizmor-action
+        uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
+        with:
+          advanced-security: false
+          annotations: true