Fix script injection vulnerability in setup-python-env composite action#19

Merged
pmalarme merged 2 commits into feature/add-documentation-and-copilot-instructions from copilot/sub-pr-18
Feb 19, 2026

Conversation

Contributor

Copilot AI commented Feb 19, 2026

${{ inputs.extra-args }} was interpolated directly into the shell run: block, allowing expression evaluation before shell execution — a classic GitHub Actions script injection vector.

Changes

  • .github/actions/setup-python-env/action.yml: Route inputs.extra-args through an EXTRA_ARGS env var; reference it as $EXTRA_ARGS in the shell script so the value is treated as data, not executable syntax. Adds # shellcheck disable=SC2086 to document intentional word-splitting.
# Before — vulnerable: expression evaluated before shell runs
uv sync $args ${{ inputs.extra-args }}

# After — safe: value bound to env var, shell sees it as data
env:
  EXTRA_ARGS: ${{ inputs.extra-args }}
run: |
  # shellcheck disable=SC2086  # intentional word-splitting for uv flags
  uv sync $args $EXTRA_ARGS

Testing

  • Not run (why?)
  • uv run poe check
  • Other: YAML-only change; no Python code paths affected. Verified file diff manually.

Checklist

  • Linked issue or task reference
  • Added/updated tests where relevant
  • Updated docs/README if needed
  • No secrets or sensitive data added
  • Considered backward compatibility and deployment impact

Additional context


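The injection path described in the PR body, as an added example that is not code from the PR or the project: a POSIX shell script that emulates how the Actions runner pastes `${{ inputs.extra-args }}` into the `run:` script text before any shell parses it, and contrasts that with the `env:`-bound `$EXTRA_ARGS` form. The payload, the marker file and the stand-in `uv` (a shim that only echoes its argv) are constructed here so the script runs offline; both variants are given the same payload and only the `before` variant ends up executing the injected command.

```bash
#!/bin/sh
# Added example (not from the PR or the project). Simulates what the GitHub
# Actions runner does with a `run:` step: the ${{ ... }} expression is pasted
# into the script *text* first, and only then is the text handed to a shell.
# A stand-in `uv` (constructed here) echoes its argv so we can see whether an
# attacker-controlled inputs.extra-args value becomes arguments or commands.
set -u

# Attacker-controlled value for inputs.extra-args (constructed payload).
PAYLOAD='--no-dev; echo INJECTED >> "$MARKER"'

# Create a throwaway PATH entry holding a fake `uv` that just prints its argv.
make_fake_uv() {
  dir=$(mktemp -d)
  cat > "$dir/uv" <<'EOF'
#!/bin/sh
printf 'uv argv: %s\n' "$*"
EOF
  chmod +x "$dir/uv"
  printf '%s' "$dir"
}

# BEFORE: `uv sync $args ${{ inputs.extra-args }}`. The runner substitutes the
# expression into the script text, so the shell parses the payload as syntax.
run_before() {  # $1=payload $2=marker file $3=fake-uv dir
  script="args=''
uv sync \$args $1"          # textual substitution, exactly like the runner
  PATH="$3:$PATH" MARKER="$2" sh -c "$script"
}

# AFTER: payload bound to EXTRA_ARGS in `env:`; the script text never contains
# it, so `$EXTRA_ARGS` expands to words (intentional word-splitting), never to
# shell syntax such as `;` or `>>`.
run_after() {   # $1=payload $2=marker file $3=fake-uv dir
  script="args=''
# shellcheck disable=SC2086
uv sync \$args \$EXTRA_ARGS"
  PATH="$3:$PATH" MARKER="$2" EXTRA_ARGS="$1" sh -c "$script"
}

# Prints "injected" if the payload managed to write the marker file, else "safe".
check() {       # usage: check before|after
  bindir=$(make_fake_uv)
  marker=$(mktemp)
  case "$1" in
    before) run_before "$PAYLOAD" "$marker" "$bindir" >/dev/null ;;
    after)  run_after  "$PAYLOAD" "$marker" "$bindir" >/dev/null ;;
  esac
  if grep -q INJECTED "$marker"; then result=injected; else result=safe; fi
  rm -rf "$bindir" "$marker"
  printf '%s' "$result"
}

printf 'before: %s\n' "$(check before)"   # before: injected
printf 'after:  %s\n' "$(check after)"    # after:  safe
```

Run it with `sh` or `bash`; it needs only `mktemp`, `grep` and a POSIX shell. Note what the fix does and does not change: in the `after` variant the caller still controls which flags reach `uv sync` (that is the purpose of extra-args), but the value arrives as an expanded variable rather than as script text, so it can no longer append commands, redirections or pipes.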

…extra-args

Co-authored-by: pmalarme <686568+pmalarme@users.noreply.github.com>
Copilot AI changed the title [WIP] WIP Address feedback on documentation and copilot instructions Fix script injection vulnerability in setup-python-env composite action Feb 19, 2026
Copilot AI requested a review from pmalarme February 19, 2026 11:48
@pmalarme pmalarme marked this pull request as ready for review February 19, 2026 11:52
@pmalarme pmalarme merged commit 03681a0 into feature/add-documentation-and-copilot-instructions Feb 19, 2026
10 checks passed
@pmalarme pmalarme deleted the copilot/sub-pr-18 branch February 19, 2026 11:54