Add AI code review tools evaluation policy

[cblecker]

Summary

• Adds github-management/ai-code-review-tools.md establishing a policy for evaluating AI-powered code review tools on a per-repo opt-in basis
• Covers the full lifecycle: requesting a new tool, privacy/security assessment, approval, 90-day pilot, evaluation, and removal
• Privacy and security assessment is owned by the GitHub Administration Team

Context

There has been growing interest in AI code review tools across Kubernetes orgs (kubernetes/org#5930). This policy provides a consistent framework for evaluating these requests.

fixes kubernetes/org#6234

/sig contributor-experience
/area github-management

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cblecker

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• github-management/OWNERS [cblecker]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Priyankasaggu11929]

should we create a gh issue template in k/org specifically for these requests?

we can add a checkbox for folks requesting (sig leads / subproject leads) to acknowledge the Kubernetes AI usage policy - https://github.com/kubernetes/community/blob/main/contributors/guide/pull-requests.md#ai-guidance

Also, i am thinking should we ask the requesting folks as well to upfront provide a list of permissions that the integration would require. (gh admins will still do the verification)

[aojea]

how is this summary provided? is this going to be an artifact somewhere? is providing some structure to the summary a good idea so we can have consistency on the reports?