Skip installing dependencies in audit

It seems the tools only require the lock files.

.github/workflows/security.yaml

@@ -34,21 +34,8 @@ jobs:
         with:
           node-version: "18"
 
-      - name: Fetch dependencies from cache
-        id: cache-yarn
-        uses: actions/cache@v3
-        with:
-          path: "**/node_modules"
-          key: yarn-build-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            yarn-build-
-
-      - name: Install dependencies
-        if: steps.cache-yarn.outputs.cache-hit != 'true'
-        run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
-
       - name: Audit yarn for vulnerabilities
-        run: yarn _audit
+        run: yarn audit
         if: success()
 
       - name: Audit npm for vulnerabilities