fix: add safety checks and clarify security policy in workflows

Co-authored-by: huangyiirene <7665279+huangyiirene@users.noreply.github.com>

Author: Copilot

.github/dependabot.yml

@@ -8,8 +8,6 @@ updates:
       day: "monday"
       time: "02:00"
     open-pull-requests-limit: 10
-    reviewers:
-      - "objectstack-ai/maintainers"
     commit-message:
       prefix: "chore(deps)"
       include: "scope"

.github/workflows/pr-automation.yml

@@ -75,6 +75,10 @@ jobs:
 
       - name: Check for changesets
         run: |
+          if [ ! -d ".changeset" ]; then
+            echo "::warning::.changeset directory not found. Skipping changeset check."
+            exit 0
+          fi
           CHANGESET_COUNT=$(find .changeset -name '*.md' ! -name 'README.md' | wc -l)
           if [ "$CHANGESET_COUNT" -eq 0 ]; then
             echo "::warning::No changeset found. Please add a changeset if this PR includes user-facing changes."

.github/workflows/validate-deps.yml

@@ -51,6 +51,8 @@ jobs:
           
       - name: Check for dependency issues
         run: |
+          # Fail the workflow if high-severity vulnerabilities are found
+          # This enforces security compliance before merging
           pnpm audit --audit-level=high
 
       - name: List outdated packages