diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
deleted file mode 100644
index bda92cb1..00000000
--- a/.github/workflows/codeql.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-name: "CodeQL"
-
-on:
- push:
- branches: [ "master", "main" ]
- pull_request:
- branches: [ "master", "main" ]
- schedule:
- - cron: '30 2 * * 1'
-
-jobs:
- analyze:
- name: Analyze
- runs-on: ubuntu-latest
- permissions:
- actions: read
- contents: read
- security-events: write
-
- strategy:
- fail-fast: false
- matrix:
- language: [ 'javascript' ]
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v6
-
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v4
- with:
- languages: ${{ matrix.language }}
- queries: security-extended,security-and-quality
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v4
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v4
- with:
- category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/label-migrator.yml b/.github/workflows/label-migrator.yml
new file mode 100644
index 00000000..2ed12738
--- /dev/null
+++ b/.github/workflows/label-migrator.yml
@@ -0,0 +1,67 @@
+name: Migrate Labels from Issue to PR
+
+on:
+ pull_request_target:
+ types: [opened, edited]
+
+jobs:
+ migrate-labels:
+ runs-on: ubuntu-latest
+ permissions:
+ pull-requests: write
+ issues: read
+ steps:
+ - name: Migrate Labels
+ uses: actions/github-script@v7
+ with:
+ script: |
+ const prBody = context.payload.pull_request.body;
+ if (!prBody) {
+ console.log("No PR body found");
+ return;
+ }
+
+ // Regex to find linked issues like "Fixes #123", "Resolves #123", "Closes #123"
+ const issueRegex = /(?:fix(?:e[sd])?|resolve[sd]?|close[sd]?)\s+#(\d+)/gi;
+ let match;
+ const issueNumbers = [];
+ while ((match = issueRegex.exec(prBody)) !== null) {
+ issueNumbers.push(parseInt(match[1]));
+ }
+
+ if (issueNumbers.length === 0) {
+ console.log("No linked issues found in PR body");
+ return;
+ }
+
+ console.log(`Found linked issues: ${issueNumbers.join(", ")}`);
+
+ const labelsToAdd = new Set();
+
+ for (const issueNumber of issueNumbers) {
+ try {
+ const issue = await github.rest.issues.get({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: issueNumber,
+ });
+
+ for (const label of issue.data.labels) {
+ labelsToAdd.add(label.name);
+ }
+ } catch (error) {
+ console.log(`Could not fetch issue #${issueNumber}: ${error.message}`);
+ }
+ }
+
+ if (labelsToAdd.size > 0) {
+ console.log(`Adding labels: ${Array.from(labelsToAdd).join(", ")}`);
+ await github.rest.issues.addLabels({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: context.payload.pull_request.number,
+ labels: Array.from(labelsToAdd)
+ });
+ } else {
+ console.log("No labels to migrate");
+ }
diff --git a/.github/workflows/nuclei-scan.yml b/.github/workflows/nuclei-scan.yml
deleted file mode 100644
index 1042dda2..00000000
--- a/.github/workflows/nuclei-scan.yml
+++ /dev/null
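Review bot: The label copy in the inner loop (`labelsToAdd.add(label.name)`) trusts issue numbers parsed from the PR body, which under `pull_request_target` is written by any contributor, fork authors included, while the job holds `pull-requests: write`. A PR author can therefore attach any label that exists on any issue in the repository to their own PR by writing `Fixes #N`; if other workflows, merge automation or triage rules key off labels (not visible in this diff), that lets a contributor self-assign them. I would filter against a fixed allowlist, e.g. `if (ALLOWED_LABELS.has(label.name)) labelsToAdd.add(label.name);` with `ALLOWED_LABELS` a `Set` of the triage labels maintainers actually want migrated, and cap `issueNumbers` to a small count so a single body cannot fan out into many API calls. Because the token is writable, pinning `actions/github-script@v7` to a full commit SHA instead of a movable tag would also be worth doing. The safe parts are worth keeping as they are: the body is read from `context.payload` rather than interpolated with `${{ }}`, and no PR code is checked out.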
@@ -1,64 +0,0 @@
-name: "Nuclei Security Scan"
-
-on:
- push:
- branches: [ "master", "main" ]
- pull_request:
- branches: [ "master", "main" ]
-
-jobs:
- nuclei-scan:
- runs-on: ubuntu-latest
- name: Nuclei API & Web Security Scan
- permissions:
- contents: read
- issues: write
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v6
-
- - name: Setup Node.js
- uses: actions/setup-node@v6
- with:
- node-version: '20'
- cache: 'npm'
-
- - name: Install dependencies
- run: npm ci
-
- - name: Build Next.js (static export)
- run: npm run build
- env:
- NEXT_PUBLIC_FIREBASE_API_KEY: "mock_api_key"
- NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN: "mock.firebaseapp.com"
- NEXT_PUBLIC_FIREBASE_PROJECT_ID: "mock_project_id"
- NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET: "mock.appspot.com"
- NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID: "123456789"
- NEXT_PUBLIC_FIREBASE_APP_ID: "1:123456789:web:abcdef"
-
- - name: Serve static build
- run: npx serve@latest out -l 3000 &
-
- - name: Wait for server to be ready
- run: |
- for i in {1..15}; do
- curl -s http://localhost:3000 > /dev/null && echo "Server is up!" && break
- echo "Waiting for server... ($i)"
- sleep 2
- done
-
- - name: Run Nuclei Scan
- uses: projectdiscovery/nuclei-action@v3
- with:
- target: http://localhost:3000
- flags: "-tags exposure,misconfig,headers,tech -severity low,medium,high,critical"
- output: nuclei-results.txt
-
- - name: Upload Nuclei Results
- uses: actions/upload-artifact@v7
- if: always()
- with:
- name: nuclei-security-report
- path: nuclei-results.txt
- retention-days: 30