Security: Fix 1 finding in GitHub Actions workflows

[jpr5]

Security: 1 finding across 1 rule

Fixed (deterministic, no AI)

shell-injection-expr — What is this?

• status-page.yml line 29: Attacker-controllable expression ${{ github.actor }} in run: block — shell injection risk

How this was detected

This finding was identified by deterministic pattern matching — no AI or machine learning was used in the detection. Sentinel uses static analysis rules that match known-vulnerable YAML patterns against a database of documented exploit vectors. Every finding maps to a specific, reproducible pattern. Source code is open for inspection.

---

_{🛡️ This PR was generated by Sentinel, an open-source security scanner. Why this PR? · Free, no tracking}

✅ Add Sentinel to this repo · 🚫 Opt out of future PRs

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[erwinmombay]

@danielrozenberg can you take a look at this

[danielrozenberg]

Looks correct to me - thanks for finding and fixing this issue!

@jpr5 would you mind signing the CLA so we can merge this PR?