fix: code scanning alert no. 8: Code injection (#121)

patrickblackjr · github-advanced-security[bot] · Copilot · web-flow · commit 0b9db6bb02af · 2025-07-31T23:47:51.000-05:00
* Potential fix for code scanning alert no. 8: Code injection

Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;

* Update .github/workflows/prow.yml

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

---------

Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;
diff --git a/.github/workflows/prow.yml b/.github/workflows/prow.yml
@@ -33,8 +33,10 @@ jobs:
           go mod tidy
 
       - name: Convert GitHub event to single-line JSON
+        env:
+          EVENT: ${{ toJson(github.event) }}
         run: |
-          echo "EVENT=$(echo '${{ toJson(github.event) }}' | jq -c '.')" >> $GITHUB_ENV
+          echo "EVENT=$(jq -n --arg event \"$EVENT\" '$event | @json')" >> $GITHUB_ENV
 
       - name: Run Prow Lite
         run: |
