Copilot AI commented Sep 18, 2025

This PR addresses the need to better document the security benefits of using sanitized context text (needs.task.outputs.text) instead of raw github.context values in agentic workflows.

Problem

The existing documentation showed examples mixing raw github.event fields with sanitized context text, but didn't emphasize the critical security differences. Users could inadvertently use insecure patterns like:

```yaml
# INSECURE: Raw user input vulnerable to injection
Title: "${{ github.event.issue.title }}"
Body: "${{ github.event.issue.body }}"
```

This exposes workflows to prompt injection, unintended @mentions, bot trigger execution, and other security risks from untrusted user content.

Solution

Updated documentation across four key files to guide users toward the secure sanitized approach:

```yaml
# SECURE: Use sanitized context text
Analyze this content: "${{ needs.task.outputs.text }}"
```

Security Benefits Highlighted

The needs.task.outputs.text provides critical protections that raw context values lack:

  • @mention neutralization: Converts @user to `@user` to prevent unintended notifications
  • Bot trigger safety: Converts fixes #123 to `fixes #123` to prevent accidental commands
  • XML injection protection: Converts XML tags to safe parentheses format
  • URI filtering: Only allows HTTPS URIs from trusted domains; others become "(redacted)"
  • Content limits: Automatically truncates excessive content (0.5MB max, 65k lines max)
  • Control character removal: Strips ANSI escape sequences that could manipulate terminal output

Changes Made

  • pkg/cli/templates/instructions.md: Added comprehensive sanitized context section with security benefits and usage patterns
  • docs/reference/command-triggers.md: Enhanced context text documentation with security comparisons
  • docs/reference/markdown.md: Updated examples to show secure patterns first with security rationale
  • docs/guides/security.md: Added critical security guidance section emphasizing sanitized context usage

The documentation now clearly distinguishes between secure sanitized content access and potentially dangerous raw context field usage, helping users make informed security decisions.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • api.contoso.com
    • Triggering command: /tmp/go-build4012539661/b281/cli.test -test.testlogfile=/tmp/go-build4012539661/b281/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.v=true (dns block)
    • Triggering command: /tmp/go-build1890621262/b281/cli.test -test.testlogfile=/tmp/go-build1890621262/b281/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.v=true (dns block)
    • Triggering command: /tmp/go-build3783155744/b281/cli.test -test.testlogfile=/tmp/go-build3783155744/b281/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.v=true (dns block)

If you need me to access, download, or install something from one of these locations, you can either:



Copilot AI changed the title from "[WIP] Update the pkg/cli/instructions.md files and docs with how to use the sanitized context text instead of the github.context values. see needs.task.outputs.text" to "Update documentation to emphasize sanitized context text usage for security" Sep 18, 2025
Copilot AI requested a review from pelikhan September 18, 2025 05:06
@pelikhan pelikhan marked this pull request as ready for review September 18, 2025 05:11
@pelikhan pelikhan merged commit 103a6e3 into main Sep 18, 2025
10 of 11 checks passed
@pelikhan pelikhan deleted the copilot/fix-be55326f-a56e-4e0e-b86e-2e6cf618d719 branch September 18, 2025 05:11
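
The six protections listed in the PR description, sketched as one Go function. This is an added example, not the project's own sanitizer: the function name `Sanitize`, the regular expressions, the pass order and the one-host allowlist are assumptions; only the limits (0.5MB, 65k lines) and the output formats come from the description above.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

const maxBytes, maxLines = 512 * 1024, 65000 // limits from the PR description

var (
	trustedHosts = map[string]bool{"github.com": true} // constructed sample allowlist
	ansiRe       = regexp.MustCompile(`\x1b\[[0-9;?]*[ -/]*[@-~]`)
	uriRe        = regexp.MustCompile(`[A-Za-z][A-Za-z0-9+.-]*://[^\s<>")]+`)
	tagRe        = regexp.MustCompile(`<(/?[A-Za-z!][^<>]*)>`)
	mentionRe    = regexp.MustCompile("(^|[^\\w`])@([A-Za-z0-9][A-Za-z0-9-]*(?:/[A-Za-z0-9._-]+)?)")
	triggerRe    = regexp.MustCompile("(?i)(^|[^\\w`])((?:fix(?:e[sd])?|close[sd]?|resolve[sd]?) #\\d+)")
)

// Sanitize truncates first so later passes run on bounded input and never cut a backtick pair.
func Sanitize(s string) string {
	if len(s) > maxBytes {
		s = strings.ToValidUTF8(s[:maxBytes], "") // drop a rune cut in half
	}
	if lines := strings.SplitN(s, "\n", maxLines+1); len(lines) > maxLines {
		s = strings.Join(lines[:maxLines], "\n")
	}
	s = ansiRe.ReplaceAllString(s, "")
	s = strings.Map(func(r rune) rune {
		if (r < 0x20 && r != '\n' && r != '\t') || r == 0x7f {
			return -1 // remove remaining control characters, including a bare ESC
		}
		return r
	}, s)
	s = uriRe.ReplaceAllStringFunc(s, func(raw string) string {
		// Compare the parsed host, so "https://github.com@evil.example/" is not trusted.
		u, err := url.Parse(raw)
		if err == nil && u.Scheme == "https" && trustedHosts[strings.ToLower(u.Hostname())] {
			return raw
		}
		return "(redacted)"
	})
	s = tagRe.ReplaceAllString(s, "($1)")
	s = mentionRe.ReplaceAllString(s, "${1}`@${2}`")
	return triggerRe.ReplaceAllString(s, "${1}`${2}`")
}

func main() { // constructed input
	fmt.Println(Sanitize("\x1b[31m@octocat\x1b[0m fixes #123 <b>hi</b> http://evil.example/a"))
}
```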