diff --git a/pkg/cli/add_interactive_engine.go b/pkg/cli/add_interactive_engine.go
index 67acb43546..9dae8543b5 100644
--- a/pkg/cli/add_interactive_engine.go
+++ b/pkg/cli/add_interactive_engine.go
@@ -74,7 +74,7 @@ func (c *AddInteractiveConfig) selectAIEngineAndKey() error {
 
 	// If engine is already overridden, skip selection
 	if c.EngineOverride != "" {
-		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Using coding agent: %s", c.EngineOverride)))
+		fmt.Fprintln(os.Stderr, console.FormatInfoMessage("Using coding agent: "+c.EngineOverride))
 		return c.configureEngineAPISecret(c.EngineOverride)
 	}
 
diff --git a/pkg/workflow/permissions_compiler_validator.go b/pkg/workflow/permissions_compiler_validator.go
index 03c7a7e2ac..d7b992edd9 100644
--- a/pkg/workflow/permissions_compiler_validator.go
+++ b/pkg/workflow/permissions_compiler_validator.go
@@ -37,6 +37,7 @@
 package workflow
 
 import (
+	"errors"
 	"fmt"
 	"os"
 )
@@ -162,11 +163,11 @@ func validateEngineAuthPermissions(workflowData *WorkflowData, workflowPermissio
 	}
 
 	if workflowPermissions == nil {
-		return fmt.Errorf("engine.auth.type: github-oidc requires permissions.id-token: write")
+		return errors.New("engine.auth.type: github-oidc requires permissions.id-token: write")
 	}
 
 	if level, exists := workflowPermissions.Get(PermissionIdToken); !exists || level != PermissionWrite {
-		return fmt.Errorf("engine.auth.type: github-oidc requires permissions.id-token: write")
+		return errors.New("engine.auth.type: github-oidc requires permissions.id-token: write")
 	}
 
 	return nil