Execute the `glfm-verify` on security merge requests

The glfm-verify job recently failed on the GitLab security default branch but not in the canonical repository. This prevented auto-deploy branches from being created and as such it blocked the deployments and a release process that was in progress (https://gitlab.com/gitlab-org/gitlab/-/issues/393774), details on https://gitlab.com/gitlab-org/release/tasks/-/issues/5300.

The glfm-verify failure was most likely caused by some merge requests merged on the Security repository, and given the glfm-verify job only runs when a subset of files is changed, the failure was detected on the default branfch. To prevent these failures, we should consider executing the glfm-verify on security merge requests.