Repositories and their forks share the same artifact ID namespace, which means that an attacker-controlled fork can poison the artifacts for an upstream workflow that uses the workflow artifact APIs (or an action like dawidd6/action-download-artifact) to download cross-workflow artifacts.
Versions of dawidd6/action-download-artifact before v6 had allow_forks: true by default. These should now be caught by our vulnerable-actions audit thanks to GHSA-5xr6-xhww-33m4.
However, it'd still be good to catch these more generally. That includes:
dawidd6/action-download-artifact v6+ where the user explicitly does allow_forks: true
Other similar workflows that still do the same thing by default
People using the REST APIs directly via actions/github-script or similar (github.actions.listWorkflowRunArtifacts(...)) without appropriate filtering
That last one is a bit harder to do, but we can certainly handle the first two.
Assigning this to myself.
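The three patterns above, as an added example of the kind of audit the issue asks for. This is illustration code written for this page, not zizmor's own audit implementation. It takes the dict that `yaml.safe_load` would produce for a workflow file (so it runs without PyYAML), applies the issue's "allow_forks defaults to true before v6" rule to `dawidd6/action-download-artifact` steps, and treats a `actions/github-script` step as suspicious when its script calls an artifact-listing method without mentioning the originating repository. The filtering heuristic (`FILTER_HINTS`), the handling of SHA-pinned refs, and the sample workflow are assumptions, not something the issue specifies.

```python
"""
Added example (not zizmor's own audit code): flag workflow steps that can
download artifacts produced by a fork. Input is the dict that yaml.safe_load
would return for a workflow file, so the example runs without PyYAML.
"""
import re
from dataclasses import dataclass
from typing import Optional

ARTIFACT_ACTION = "dawidd6/action-download-artifact"
GITHUB_SCRIPT = "actions/github-script"
# From the issue: releases before v6 defaulted allow_forks to true.
FORKS_ALLOWED_BY_DEFAULT_BELOW_MAJOR = 6
# Octokit method names that fetch artifacts belonging to some other run
# (github.actions.* in older github-script, github.rest.actions.* in newer).
ARTIFACT_API_CALLS = ("listWorkflowRunArtifacts", "downloadArtifact")
# Heuristic (assumption, not from the issue): a script that mentions the
# originating repository or the fork flag is probably filtering runs by origin.
FILTER_HINTS = ("head_repository", "repository.full_name", ".fork")


@dataclass
class Finding:
    job: str
    step: int
    rule: str
    detail: str


def major_version(ref: str) -> Optional[int]:
    """v6 -> 6, v2.28.0 -> 2; a commit SHA or branch name gives None."""
    m = re.fullmatch(r"v?(\d+)(?:\.\d+)*", ref)
    return int(m.group(1)) if m else None


def is_truthy(value) -> bool:
    """YAML may deliver the input as bool True or as the string 'true'."""
    if isinstance(value, bool):
        return value
    return str(value).strip().lower() == "true"


def audit_step(job: str, idx: int, step: dict) -> Optional[Finding]:
    uses = str(step.get("uses", ""))
    inputs = step.get("with") or {}
    name, _, ref = uses.partition("@")

    if name == ARTIFACT_ACTION:
        explicit = inputs.get("allow_forks")
        if explicit is not None:
            if is_truthy(explicit):
                return Finding(job, idx, "explicit-allow-forks",
                               f"{uses} sets allow_forks: true")
            return None  # explicitly false: safe on any version
        major = major_version(ref)
        if major is None:
            # SHA or branch pin: version unknown, so we cannot trust the default
            return Finding(job, idx, "default-allow-forks",
                           f"{uses}: version not determinable, allow_forks unset")
        if major < FORKS_ALLOWED_BY_DEFAULT_BELOW_MAJOR:
            return Finding(job, idx, "default-allow-forks",
                           f"{uses}: allow_forks defaults to true before v6")
        return None

    if name == GITHUB_SCRIPT:
        script = str(inputs.get("script", ""))
        calls_api = any(call in script for call in ARTIFACT_API_CALLS)
        if calls_api and not any(hint in script for hint in FILTER_HINTS):
            return Finding(job, idx, "unfiltered-artifact-api",
                           "github-script fetches artifacts without checking the run's origin")
    return None


def audit_workflow(workflow: dict) -> list:
    findings = []
    for job_name, job in (workflow.get("jobs") or {}).items():
        for idx, step in enumerate(job.get("steps") or []):
            finding = audit_step(job_name, idx, step)
            if finding:
                findings.append(finding)
    return findings


# Constructed sample workflow (as parsed YAML), not taken from any real repo.
SAMPLE_WORKFLOW = {
    "name": "consume-artifacts",
    "on": {"workflow_run": {"workflows": ["build"], "types": ["completed"]}},
    "jobs": {"consume": {"runs-on": "ubuntu-latest", "steps": [
        {"uses": "dawidd6/action-download-artifact@v5",
         "with": {"workflow": "build.yml", "name": "dist"}},
        {"uses": "dawidd6/action-download-artifact@v6",
         "with": {"workflow": "build.yml", "name": "dist", "allow_forks": "true"}},
        {"uses": "dawidd6/action-download-artifact@v6",
         "with": {"workflow": "build.yml", "name": "dist"}},
        {"uses": "actions/github-script@v7",
         "with": {"script": "const a = await github.rest.actions.listWorkflowRunArtifacts("
                            "{owner: context.repo.owner, repo: context.repo.repo, "
                            "run_id: context.payload.workflow_run.id});"}},
        {"uses": "actions/github-script@v7",
         "with": {"script": "const run = context.payload.workflow_run; "
                            "if (run.head_repository.full_name !== `${context.repo.owner}/${context.repo.repo}`) return; "
                            "const a = await github.rest.actions.listWorkflowRunArtifacts("
                            "{owner: context.repo.owner, repo: context.repo.repo, run_id: run.id});"}},
    ]}},
}

if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{f.job} step {f.step}: [{f.rule}] {f.detail}")
```

The github-script rule is deliberately a coarse string heuristic, which is why the issue calls that case harder: a script can filter correctly in ways the hint list does not recognise, and it can mention `head_repository` without actually comparing it to the upstream repository, so findings from that rule need a human look.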