chore: add CodeRabbit and gitleaks configs (#12)

## Summary
- Add .coderabbit.yaml for automated code review
- Add .gitleaks.toml for secret scanning

Standardizing configs across all baker-scripts repos.

Author: bakerboy448

.coderabbit.yaml

@@ -0,0 +1,22 @@
+language: en-US
+reviews:
+  profile: assertive
+  request_changes_workflow: true
+  high_level_summary: true
+  poem: false
+  review_status: true
+  collapse_walkthrough: false
+  path_instructions:
+    - path: "*.py"
+      instructions: |
+        Review for security issues — validate all user inputs.
+        Check for proper error handling and logging.
+    - path: ".github/workflows/**"
+      instructions: |
+        Check for command injection via untrusted GitHub context variables.
+        Verify secrets are not exposed in logs.
+    - path: "Dockerfile"
+      instructions: |
+        Check for security best practices — non-root user, minimal base image.
+chat:
+  auto_reply: true

.gitleaks.toml

@@ -0,0 +1,12 @@
+# Gitleaks configuration
+# https://github.com/gitleaks/gitleaks
+
+title = "RedditModLog gitleaks config"
+
+[allowlist]
+  description = "Global allowlist"
+  paths = [
+    '''\.env\.example''',
+    '''__pycache__/''',
+    '''\.pytest_cache/''',
+  ]