Exclude third-party source code from CodeQL and security scans #11126

@andyfeller

Relates #11047

With enabling GHAS review of CodeQL and secret scanning for cli/cli, there has been an increase of false positive alerts within pull requests due to #11047.

This issue is to reduce the alerts by excluding the third-party directory, which contains source code for 3rd-party modules we must redistribute due to licenses.

Expected outcomes

  • Code scanning alerts ignore third-party directory and related markdown reports
  • Secret scanning alerts ignore third-party directory and related markdown reports
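
A sketch of the two repository files that would produce these outcomes, added here as an example and not taken from cli/cli. The `third-party` directory name comes from the issue; the report path is a placeholder because the issue does not name it, and the CodeQL config file location is an assumption.

```yaml
# File: .github/codeql/codeql-config.yml   (location is an assumption)
# With an advanced-setup workflow, this file is passed to
# github/codeql-action/init through its `config-file` input.
name: "CodeQL config (example)"
paths-ignore:
  # Redistributed third-party module sources named in the issue.
  - third-party
  # Placeholder: replace with the real path of the related markdown reports.
  - "PLACEHOLDER/path/to/report.md"
---
# File: .github/secret_scanning.yml
# Secret scanning reads this file from the default branch. Matches in the
# listed paths do not raise alerts.
paths-ignore:
  - "third-party/**"
  # Placeholder: replace with the real path of the related markdown reports.
  - "PLACEHOLDER/path/to/report.md"
```

GitHub's documentation states that for compiled languages, limiting code scanning to specific directories is done through the build steps in the workflow, so check the resulting alerts after adding `paths-ignore`. Excluded paths are no longer covered by either scanner, so keep the patterns as narrow as the redistributed content allows.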
