[plan] Review and fix template-injection risk in mcp-inspector workflow #15062

@github-actions

Objective

Address the low-severity template-injection finding in mcp-inspector.lock.yml to prevent potential code injection through template expansion.

Context

From discussion #15009 - Static analysis identified template injection risk at line 538. This has been recurring since Feb 5.

Zizmor Finding:

  • Severity: Low
  • Location: Line 538
  • Description: Potential code injection through template expansion
  • Impact: Low risk if inputs are controlled
  • Reference: docs.zizmor.sh/rules/template-injection

Approach

  1. Review mcp-inspector.lock.yml (line 538) to identify the template expansion
  2. Check the source .md workflow file for the corresponding template usage
  3. Verify that template inputs are properly sanitized:
    • Ensure no user-controlled input flows into template expansion
    • Use GitHub expression syntax safely (e.g., avoid ${{ github.event.issue.title }} in shell commands)
  4. If user input is used, add proper sanitization or use safer alternatives:
    • Use GitHub Actions inputs with validation
    • Use environment variables instead of direct expansion
    • Apply proper escaping/quoting
  5. Update the workflow to eliminate the security finding
  6. Recompile with make recompile
  7. Verify the fix with static analysis tools

Files to Modify

  • .github/workflows/mcp-inspector.md (source workflow)
  • .github/workflows/mcp-inspector.lock.yml (will be regenerated)

Acceptance Criteria

  • template-injection finding eliminated from zizmor scan
  • Template inputs are properly sanitized or validated
  • No user-controlled input flows unsafely into template expansion
  • Workflow recompiled successfully
  • Workflow still functions as intended

AI generated by Plan Command for discussion #15009

  • expires on Feb 14, 2026, 1:28 AM UTC
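
The environment-variable alternative from step 4 of the Approach, as an added example that is not part of the original issue and not the contents of the project's workflow. It is a constructed workflow showing the direct-expansion pattern next to the form that passes the value through env; the workflow name, job names and the ISSUE_TITLE variable are assumptions.

```yaml
# Constructed workflow for illustration only; this is NOT the content of
# mcp-inspector.md or mcp-inspector.lock.yml.
name: template-injection-example   # assumed name
on:
  issues:
    types: [opened]

# Start from no token permissions; grant per job only what is needed.
permissions: {}

jobs:
  flagged:
    runs-on: ubuntu-latest
    steps:
      # Pattern reported as template-injection: the runner substitutes the
      # expression into the script text BEFORE the shell starts, so the
      # issue title is parsed as shell source rather than treated as data.
      - name: Print title (direct expansion)
        run: |
          echo "Title: ${{ github.event.issue.title }}"

  hardened:
    runs-on: ubuntu-latest
    steps:
      # Safer pattern: the expression is evaluated into an environment
      # variable. The script body contains no ${{ }} expansion and reads
      # the value only through a quoted shell variable.
      - name: Print title (environment variable)
        env:
          ISSUE_TITLE: ${{ github.event.issue.title }}   # assumed variable name
        run: |
          printf 'Title: %s\n' "$ISSUE_TITLE"
```

The expansion has to move in the source .md workflow, since the .lock.yml is regenerated by make recompile.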
