
fix(ci): restrict auto-release marker to release bot#44

Merged
BunsDev merged 1 commit into main from codex/fix-unauthorized-release-trigger-issue on Jun 6, 2026

Conversation


@BunsDev BunsDev commented Jun 5, 2026

Motivation

  • Prevent an untrusted PR title or commit message from authorizing an automated release dispatch by restricting the auto-release flow to a single trusted actor.

Description

  • Add an actor guard if: github.actor == 'opencoven-bot' to the auto-release job and update workflow comments in .github/workflows/auto-release.yml so only the trusted release bot can trigger the commit-marker release path.

Testing

  • Asserted the actor guard is present with a Python check: python - <<'PY' ... PY which passed.
  • Validated the workflow YAML parses with ruby -e "require 'yaml'; YAML.load_file('.github/workflows/auto-release.yml')" which passed.
  • Ran git diff --check -- .github/workflows/auto-release.yml to verify no whitespace/format errors, which passed.

Codex Task

Copilot AI review requested due to automatic review settings June 5, 2026 23:58
@BunsDev BunsDev added the codex label Jun 5, 2026

Copilot AI left a comment


Pull request overview

This PR tightens the security of the commit-marker-driven release automation by ensuring the auto-release job can only execute when the workflow run is triggered by a single trusted actor (opencoven-bot), preventing contributor-controlled PR titles/commit messages from indirectly authorizing a release on merge.

Changes:

  • Add a job-level actor guard to auto-release (if: github.actor == 'opencoven-bot').
  • Update workflow header comments to document that the --release marker path is restricted to the trusted release bot.
  • Add an inline comment explaining the threat model (marker injection via merged PRs) and why the guard exists.
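Added illustration, not the project's own auto-release.yml: a constructed workflow sketch showing the commit-marker gate on its own beside the same job with the actor guard this PR adds. The trigger, job layout, step contents and the exact marker expression are assumptions modelled on the description above; only the job name, the --release marker and the opencoven-bot actor come from the PR.

```yaml
# Constructed example (assumption), not the repository's real workflow file.
name: auto-release
on:
  push:
    branches: [main]

jobs:
  # WEAK (before): the head commit message is contributor-influenced, since a
  # squash-merged PR title becomes that message, so the marker alone lets an
  # untrusted PR author authorise a release dispatch once the PR is merged.
  auto-release-weak:
    if: contains(github.event.head_commit.message, '--release')
    runs-on: ubuntu-latest
    steps:
      - run: echo "would dispatch a release (marker-only gate)"

  # HARDENED (after): the marker is still required, but the run must also have
  # been triggered by the single trusted release bot. A marker smuggled into a
  # merged PR by any other actor now short-circuits the job at the gate.
  auto-release:
    if: github.actor == 'opencoven-bot' && contains(github.event.head_commit.message, '--release')
    runs-on: ubuntu-latest
    steps:
      - run: echo "dispatching release (actor-guarded gate)"
```

A guard check like the one described under Testing only has to confirm the literal string github.actor == 'opencoven-bot' is present in the job-level if: of the real workflow; the weak job above is what such a check should reject.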


@BunsDev BunsDev merged commit f3db41a into main Jun 6, 2026
1 check passed
2 participants