Add GitHub Actions auto-labeling workflows

[stealthwhizz]

Summary

• Add 6 GitHub Actions workflows for automated issue and PR labeling
• Quality labels: Mutually exclusive quality: high/medium/low — adding one removes the others
• PR size labels: size: small/medium/large/very large based on files changed count
• Activity tracking: Daily cron + event-driven activity: active/getting stale/stale/abandoned labels for open issues and PRs
• Content labeling: Keyword scanning on title/body with structured taxonomy:
  • Type: type: bug, type: enhancement, type: documentation, type: question, type: security
  • Priority (mutually exclusive): priority: high, priority: medium, priority: low
  • Area/Scope: area: ctf, area: agents, area: tools, area: tests, area: frontend, area: build, area: database, area: admin, area: web
  • Contributor signals: good first issue, help wanted
  • Status: Auto-applies status: needs triage to every new issue
• New contributor: Detects first-time contributors and applies first contribution label
• Migration detection: Applies database migration label when alembic/versions/ files are changed

Issue Templates

Added GitHub Issue Templates that auto-apply type labels on creation:

• Bug Report → type: bug
• Feature Request → type: enhancement
• Documentation → type: documentation
• Question → type: question
• Security Issue → type: security

Design decisions

• All workflows use GITHUB_TOKEN only (no external API keys)
• Labels are created dynamically with hex colors if they don't exist
• pull_request_target is used for all PR triggers (fork-compatible)
• Conflicting/outdated labels are removed before applying new ones
• Combines template-based (Option 1) and keyword-based (Option 2) labeling for full coverage

Test plan

• Open a test PR with 1 file changed → verify size: small label appears
• Open a test PR with 6+ files → verify size: large label
• Add quality: high then quality: low → verify quality: high is removed
• Create an issue with "bug" in the title → verify type: bug label is applied
• Create an issue using the Bug Report template → verify type: bug label
• Create an issue with "urgent" in the body → verify priority: high label
• Open a new issue → verify status: needs triage is auto-applied
• Open a PR from a new contributor → verify first contribution label
• Open a PR touching alembic/versions/ → verify database migration label
• Wait for daily cron or manually trigger → verify activity labels on stale issues