## TL;DR Add the `AttributeProjectResolver` service into `SecurityMetricsResolver` to filter vulnerabilities by security attributes, storing the filtered project IDs in the context. ## Acceptance Criteria - [x] When feature flag is enabled and `security_attributes_filters` is provided, resolver calls `SecurityAttributesResolver` - [x] When both `project_id` argument AND `security_attributes_filters` are provided, the intersection of project IDs is used - [x] Filtering only applies to Group level ## Implementation Details Technical specifics e.g. files to change, functions, API endpoints, or data model updates. ## Testing Approach - [ ] Unit tests - [ ] Integration tests - [ ] Manual validation steps ## Estimate