Hello,
welcome in the UiPath community.
Very interesting question. A few month ago I asked a similar security question. In my opinion you can use QRadar or SonarQube to analyze the content of your package in the context of your CI/CD pipeline. Also you have the possibility to add your own Custom Rules to the Workflow Analyzer.
Best regards
Stefan
sharazkm32
singh_sumit
ashokkarale
lrtetala
prashant1603765
sonaliaggarwal47
Justin_Tan_Jun_Song_EE
Anil_G
mively
shrikrushna.bhoi