[Fix] Github Action possible command injection via unsanitised user input like review body and gti (#7569)

Co-authored-by: Vasyl Spachynskyi <vasyl.spachynskyi@dataart.com>

.github/workflows/run-eval.yml

@@ -19,9 +19,10 @@ jobs:
           ref: ${{ github.head_ref }}
 
       - name: Trigger remote job
+        env:
+          PR_BRANCH: ${{ github.head_ref }}
         run: |
           REPO_URL="https://github.com/${{ github.repository }}"
-          PR_BRANCH="${{ github.head_ref }}"
           echo "Repository URL: $REPO_URL"
           echo "PR Branch: $PR_BRANCH"