implemented a lot of security measures

app/Jobs/ProcessPhotoSecurityScan.php

@@ -67,12 +67,22 @@ class ProcessPhotoSecurityScan implements ShouldQueue
 
         $existingMeta = $photo->security_meta ?? [];
 
-        $photo->forceFill([
+        $update = [
             'security_scan_status' => $status,
             'security_scan_message' => $message,
             'security_scanned_at' => now(),
             'security_meta' => array_merge(is_array($existingMeta) ? $existingMeta : [], $metadata),
-        ])->save();
+        ];
+
+        if (in_array($status, ['clean', 'skipped'], true) && $photo->status === 'pending') {
+            $update['status'] = 'approved';
+        }
+
+        if ($status === 'infected') {
+            $update['status'] = 'rejected';
+        }
+
+        $photo->forceFill($update)->save();
 
         if ($status === 'infected') {
             Log::alert('[PhotoSecurity] Infected photo detected', [