fix: add workflow_dispatch trigger to audit workflow

Pushes and PR events made with GITHUB_TOKEN don't trigger other
workflows. Since workflow_dispatch is exempt from this restriction,
adding it allows automated workflows to trigger the audit check
via gh workflow run.

Author: jdalton

.github/workflows/audit-gha-workflows.yml

@@ -3,6 +3,7 @@ on:
   pull_request:
   push:
     branches: [master, main]
+  workflow_dispatch:
 permissions:
   contents: read
 jobs:
@@ -15,12 +16,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - name: Install zizmor
-        run: pip install zizmor==1.23.1
       - name: Run zizmor
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          if [ -d .github ]; then
-            zizmor .github --gh-token "${GITHUB_TOKEN}" --min-severity medium
-          fi
+        uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
+        with:
+          min-severity: medium