Security scanning for functions/runtimes

Problem to solve

Functions created for knative do not currently undergo security scanning

Further details

(Include use cases, benefits, and/or goals)

Proposal

1. Perform security scanning for the runtime being referenced for the function
2. Perform security scanning for the function code

What does success look like, and how can we measure that?

(If no way to measure success, link to an issue that will implement a way to measure this)

Links / references