Add Dependabot for Dependency Management & Security Monitoring

Let’s add a dependabot to automate weekly checks for GitHub Actions dependencies, generate PRs for minor/patch updates with a 3-PR concurrency limit , and actively flag critical security vulnerabilities. This will keep dependencies up-to-date while maintaining control over automated changes.