fix: randomize heredoc delimiter in GITHUB_OUTPUT writes

[fg0x0]

Summary

Randomize the heredoc delimiter used when writing gemini_response and gemini_errors to $GITHUB_OUTPUT in action.yml.

The fixed EOF delimiter allows an LLM response containing a bare EOF line to close the heredoc early. Subsequent name=value lines in the response then become arbitrary step outputs, enabling bash injection in downstream consumer workflows.

Changes

• Replace echo "gemini_response<<EOF" with a random ghdelim_<hex> delimiter
• Replace echo "gemini_errors<<EOF" with a random ghdelim_<hex> delimiter
• Uses openssl rand -hex 16 per GitHub's canonical pattern

Testing

# Before fix: EOF in response breaks the heredoc
RESPONSE="line1\nEOF\ninjected=value"
echo "gemini_response<<EOF" >> output.txt
echo "$RESPONSE" >> output.txt
echo "EOF" >> output.txt
# Result: injected=value becomes a step output

# After fix: random delimiter is unguessable
_DELIM="ghdelim_$(openssl rand -hex 16)"
echo "gemini_response<<${_DELIM}" >> output.txt
echo "$RESPONSE" >> output.txt
echo "${_DELIM}" >> output.txt
# Result: entire response captured as gemini_response, no injection

Fixes #526

References

• GitHub docs: multiline strings
• Related: GHSA-62f2-6rx8-v262, PR fix: migrate shipped TOML templates from !{echo} to @{file} interpolation #524 (TOML template fix)

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[kkarrenn]

Thank you for this change!