[task] Add shellcheck disable directives for markdown heredoc false positives #3541
Description
Objective
Add shellcheck disable directives to heredoc blocks in compiled workflows to suppress 945 false positive warnings (SC2006/SC2287) caused by markdown backticks in prompt documentation.
Context
Static analysis scan identified 945 false positives from shellcheck misinterpreting markdown backticks (e.g., /tmp/gh-aw/agent/) in heredoc documentation as command substitution. These are not actual security issues but create noise in linting output.
Related to discussion #3527.
Approach
Apply the fix template from /tmp/gh-aw/cache-memory/fix-templates/actionlint-sc2006-sc2287-heredoc-backticks.md:
- Identify heredoc blocks in workflow compilation code that write markdown with backticks
- Add shellcheck disable comment above affected heredoc blocks:
# shellcheck disable=SC2006,SC2287 cat >> "$GH_AW_PROMPT" << PROMPT_EOF ...markdown content with backticks... PROMPT_EOF
- This should be done in the Go compiler code that generates the prompt writing step
Files to Modify
pkg/workflow/compiler.goor related workflow generation files where heredoc prompt writing is generated- Any other workflow compilation code that generates heredoc blocks with markdown content
Acceptance Criteria
- Shellcheck disable directives added to heredoc generation in compiler
- Recompile workflows with
make recompile - Re-run
gh aw compile --actionlintshows reduced findings (945 fewer warnings) - Verify compiled .lock.yml files contain disable directives
- No functional changes to workflow execution
Impact
Reduces linting findings from 953 to 8 (99.2% reduction), making actionlint output more useful for identifying real issues.
Related to #3527
AI generated by Plan Command for discussion #3527