refactor(scripts): use shared SecurityHelpers and CIHelpers modules in security scripts

[WilliamBerryiii]

Description

Refactored security scripts to consume shared SecurityHelpers and CIHelpers modules, eliminating duplicated helper functions across Update-ActionSHAPinning.ps1 and Test-SHAStaleness.ps1. Stabilized YAML display key ordering in hve-core-all collection output. Removed the dt-method-09-deep Design Thinking instruction file and updated the github-backlog-manager agent tools declaration format.

• refactor(scripts): replaced local Write-SecurityLog, Add-SecurityIssue, and Write-OutputResult in Update-ActionSHAPinning.ps1 with shared module imports from SecurityHelpers.psm1 and CIHelpers.psm1, renamed output function to Write-SecurityOutput, and switched $script:SecurityIssues from array to List[PSCustomObject] with New-SecurityIssue
• refactor(scripts): converted $script:StaleDependencies in Test-SHAStaleness.ps1 from array concatenation (+=) to List[PSCustomObject] with .Add() and renamed Write-OutputResult to Write-SecurityOutput
• test(scripts): removed duplicated test blocks for Write-SecurityLog, Add-SecurityIssue, and Write-OutputResult from both test files and updated mock references to match renamed functions (Write-SecurityOutput, New-SecurityIssue)
• fix(scripts): stabilized display key order in hve-core-all YAML output by rebuilding the display section as an ordered hashtable before serialization
• test(build): added Update-HveCoreAllCollection display key ordering tests covering featured-only, ordering-only, and combined-key scenarios
• chore: removed dt-method-09-deep.instructions.md and associated collection manifest entries, plugin symlinks, and ADKAR spell-check dictionary term
• chore: updated github-backlog-manager.agent.md tools declaration to explicit tool list format

Related Issue(s)

Type of Change

Select all that apply:

Code & Documentation:

• Bug fix (non-breaking change fixing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to change)
• Documentation update

Infrastructure & Configuration:

• GitHub Actions workflow
• Linting configuration (markdown, PowerShell, etc.)
• Security configuration
• DevContainer configuration
• Dependency update

AI Artifacts:

• Reviewed contribution with prompt-builder agent and addressed all feedback
• Copilot instructions (.github/instructions/*.instructions.md)
• Copilot prompt (.github/prompts/*.prompt.md)
• Copilot agent (.github/agents/*.agent.md)
• Copilot skill (.github/skills/*/SKILL.md)

Note for AI Artifact Contributors:

• Agents: Research, indexing/referencing other project (using standard VS Code GitHub Copilot/MCP tools), planning, and general implementation agents likely already exist. Review .github/agents/ before creating new ones.
• Skills: Must include both bash and PowerShell scripts. See Skills.
• Model Versions: Only contributions targeting the latest Anthropic and OpenAI models will be accepted. Older model versions (e.g., GPT-3.5, Claude 3) will be rejected.
• See Agents Not Accepted and Model Version Requirements.

Other:

• Script/automation (.ps1, .sh, .py)
• Other (please describe):

Sample Prompts (for AI Artifact Contributions)

GHCP Artifact Maturity

Warning

This PR removes an experimental GHCP artifact.
.github/instructions/design-thinking/dt-method-09-deep.instructions.md was maturity experimental in the design-thinking collection.

File	Type	Maturity	Notes
.github/agents/github/github-backlog-manager.agent.md	Agent	✅ stable	Tools format updated
.github/instructions/design-thinking/dt-method-09-deep.instructions.md	Instructions	⚠️ experimental	Removed in this PR

GHCP Maturity Acknowledgment

• I acknowledge this PR includes non-stable GHCP artifacts
• Non-stable artifacts are intentional for this change

Testing

Checklist

Required Checks

• Documentation is updated (if applicable)
• Files follow existing naming conventions
• Changes are backwards compatible (if applicable)
• Tests added for new functionality (if applicable)

AI Artifact Contributions

• Used /prompt-analyze to review contribution
• Addressed all feedback from prompt-builder review
• Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

• Markdown linting: npm run lint:md
• Spell checking: npm run spell-check
• Frontmatter validation: npm run lint:frontmatter
• Skill structure validation: npm run validate:skills
• Link validation: npm run lint:md-links
• PowerShell analysis: npm run lint:ps

Security Considerations

• This PR does not contain any sensitive or NDA information
• Any new dependencies have been reviewed for security issues
• Security-related scripts follow the principle of least privilege

Additional Notes

• Write-OutputResult was renamed to Write-SecurityOutput in both security scripts to align with the shared module's export naming convention.
• Removed test blocks for Write-SecurityLog, Add-SecurityIssue, and Write-OutputResult are now covered by SecurityHelpers.psm1 module-level tests.
• The dt-method-09-deep.instructions.md removal also cleaned up the ADKAR acronym from .cspell/industry-acronyms.txt.

🔧 Generated by Copilot

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[codecov-commenter]

Codecov Report

❌ Patch coverage is 24.13793% with 22 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.79%. Comparing base (6258b1c) to head (c856945).
⚠️ Report is 4 commits behind head on main.

Files with missing lines	Patch %	Lines
scripts/security/Update-ActionSHAPinning.ps1	17.39%	19 Missing ⚠️
scripts/security/Test-SHAStaleness.ps1	50.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #705      +/-   ##
==========================================
- Coverage   86.53%   85.79%   -0.75%     
==========================================
  Files          23       23              
  Lines        4836     4801      -35     
==========================================
- Hits         4185     4119      -66     
- Misses        651      682      +31     

Flag	Coverage Δ
pester	85.79% <24.13%> (-0.75%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
scripts/security/Test-SHAStaleness.ps1	64.88% <50.00%> (-3.06%)	⬇️
scripts/security/Update-ActionSHAPinning.ps1	73.53% <17.39%> (-6.12%)	⬇️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.