Add support for Security Review: ECA event exposed as a plugin for that

Problem/Motivation

The Security Review → module has a plugin manager that allows to extend the scope of what the framework actually can scan, test, and report upon.

ECA should provide an event that exposes itself as a plugin for that module. Maybe this is something that should go into a separate module though, e.g. eca_security_review.