Summary
gh aw compile --strict (v0.75.0) auto-rewrites the "Fetch issues data" step in workflows/issue-arborist.md because its run: script interpolates ${{ github.repository }} directly, which the compiler treats as a shell-injection vector:

```text
⚠ extracted ${{ github.repository }} from run: script in step "Fetch issues data"
into env var GH_AW_GITHUB_REPOSITORY to prevent shell injection
```

The compiler applies the fix silently in the generated .lock.yml, but the source workflows/issue-arborist.md is unchanged, so the warning comes back on every compile.
Repro
```yaml
steps:
  - name: Fetch issues data
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    run: |
      mkdir -p /tmp/gh-aw/issues-data
      gh issue list --repo ${{ github.repository }} \
        --search "-parent-issue:*" \
        ...
```
${{ github.repository }} is a low-risk value in practice (GitHub populates it as owner/repo), but the actionlint / gh-aw guidance is never to inline ${{ }} expressions inside run: scripts. The runner substitutes the expression's value into the script text before the shell parses it, so the value can never be quoted; passing it through an env var and quoting "$VAR" avoids that class of quoting bug and keeps workflows compatible with hardened runners.
Fix
Apply the same auto-fix in the source:
```yaml
steps:
  - name: Fetch issues data
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
    run: |
      mkdir -p /tmp/gh-aw/issues-data
      gh issue list --repo "$GH_AW_GITHUB_REPOSITORY" \
        --search "-parent-issue:*" \
        ...
```
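The mechanism behind the warning and the fix, as an added example that is not code from gh-aw or from this issue. It reproduces what the runner does with a ${{ }} expression in run: (textual substitution before the shell parses the script) against the rewritten form (value in an env var, referenced in double quotes). The gh_stub function, run_inline, run_via_env and the DEMO_VALUE string are all constructed for the demonstration; the value carries an embedded command that github.repository cannot actually contain, to show the general case that applies to attacker-controlled contexts such as event payload fields.

```shell
#!/bin/sh
# Added example, not gh-aw code. Shows why an inline ${{ }} expression in a
# run: script is a shell-injection vector and why the env-var rewrite is not.
# All names and the sample value below are constructed for this demo.

# Stand-in for the gh CLI: reports the single --repo argument it received.
gh_stub() {
  repo=""
  while [ $# -gt 0 ]; do
    if [ "$1" = "--repo" ]; then repo="$2"; shift; fi
    shift
  done
  printf 'gh saw repo=<%s>\n' "$repo"
}

# Unsafe form. The runner pastes the expression's value into the script text
# before the shell sees it; string concatenation here does exactly that, and
# eval then parses the result as shell, metacharacters included.
run_inline() {
  script="gh_stub issue list --repo $1"
  eval "$script"
}

# Safe form (what the compiler's auto-fix produces). The value is exported as
# an env var and the script only references it inside double quotes, so the
# shell passes it through as one argument regardless of its contents.
run_via_env() {
  GH_AW_GITHUB_REPOSITORY="$1"
  export GH_AW_GITHUB_REPOSITORY
  script='gh_stub issue list --repo "$GH_AW_GITHUB_REPOSITORY"'
  eval "$script"
}

# Constructed context value: a real github.repository is just owner/repo, but
# other contexts (e.g. an issue title) can carry exactly this kind of payload.
DEMO_VALUE='octo/repo; echo INJECTED'

echo '--- inline ${{ }} expression ---'
run_inline "$DEMO_VALUE"    # second line "INJECTED" proves the extra command ran
echo '--- env var + quoting ---'
run_via_env "$DEMO_VALUE"   # the whole value arrives as one --repo argument
```

Run it with sh or bash; the inline variant prints a second line from the injected command, the env-var variant hands the entire string to gh_stub as a single argument.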
Related
Distinct from #339 (same workflow, but about gh failing under DIFC proxy on /meta) — both touch the same gh issue list call but address different problems.
Downstream context
Filed for visibility — downstream fork applied locally in microsoft/testfx#8560.