[Workflow] security fix (#3383)

* Refactor style command handling in workflow

* Fix version assignment in Python prerelease workflow

Author: glegendre01

.github/workflows/python-prerelease.yml

@@ -21,9 +21,11 @@ jobs:
     steps:
       - name: Determine version from tag
         id: get-version
+        env: 
+          TAG : ${{ inputs.tag }}
         run: |
           if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
-            echo "VERSION=${{ inputs.tag }}" >> $GITHUB_OUTPUT
+            echo "VERSION=$TAG" >> $GITHUB_OUTPUT
           else
             echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
           fi

.github/workflows/style-bot-action.yml

@@ -165,8 +165,10 @@ jobs:
 
       - name: Run style command
         id: run_style
+        env:
+            STYLECOMMANDTYPE : ${{ inputs.style_command_type }}
         run: |
-          case "${{ inputs.style_command_type }}" in
+          case "$STYLECOMMANDTYPE" in
             "default")
               echo "Running default style and quality checks"
               make style && make quality
@@ -180,7 +182,7 @@ jobs:
               make style
               ;;
             *)
-              echo "Invalid style_command_type: ${{ inputs.style_command_type }}"
+              echo "Invalid style_command_type: $STYLECOMMANDTYPE"
               echo "Valid options are: 'default', 'quality_only', 'style_only'"
               exit 1
               ;;
@@ -237,4 +239,4 @@ jobs:
               body: `${{ steps.prepare_final_comment.outputs.final_comment }}`
             });
         env:
-          prNumber: ${{ steps.pr_info.outputs.prNumber }}
+          prNumber: ${{ steps.pr_info.outputs.prNumber }}