patching recipe scanning workflows for permissions changes (#4579)

.github/workflows/recipe-security-scanner.yml

@@ -13,6 +13,7 @@ concurrency:
 permissions:
   contents: read
   pull-requests: write
+  issues: write
   statuses: write
 
 jobs:
@@ -140,6 +141,12 @@ jobs:
           # Set permissions for Docker container (scanner user is UID 1000)
           sudo chmod -R 777 "$OUT" || true
           
+          # Verify secrets are available (without logging details)
+          if [ -z "$OPENAI_API_KEY" ] || [ -z "$TRAINING_DATA_LOW" ] || [ -z "$TRAINING_DATA_MEDIUM" ] || [ -z "$TRAINING_DATA_EXTREME" ]; then
+            echo "❌ One or more required secrets are missing or inaccessible"
+            exit 1
+          fi
+          
           # Initialize overall scan results
           echo '{"scanned_recipes": [], "overall_status": "UNKNOWN", "failed_scans": 0}' > "$OUT/pr_scan_summary.json"