add action-cve workflow to post high, critical severity dependabot al…

…erts to slack (#361)

.github/workflows/check-for-vulnerabilities.yml

@@ -0,0 +1,15 @@
+name: 'Check for Vulnerabilities'
+
+on:
+  schedule:
+    - cron: '0 */6 * * *' # every 6 hours
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: kunalnagarco/[email protected]
+        with:
+          token: ${{ secrets.VULN_CHECK_PERSONAL_ACCESS_TOKEN }}
+          slack_webhook: ${{ secrets.VULN_CHECK_SLACK_WEBHOOK }}
+          severity: high,critical