Clarify cpflow workflow safety tradeoffs

Author: justin808

.github/actions/cpflow-setup-environment/action.yml

@@ -63,7 +63,8 @@ runs:
           exit 1
         fi
 
-        # Make the token available to later workflow steps without putting it on argv.
+        # Later workflow steps call cpflow/cpln, so persist the token without putting it on argv.
+        # This intentionally gives subsequent trusted steps in the same job a CPLN_TOKEN env var.
         token_delimiter="CPLN_TOKEN_$(openssl rand -hex 8)"
         {
           echo "CPLN_TOKEN<<${token_delimiter}"

.github/workflows/cpflow-delete-review-app.yml

@@ -1,6 +1,8 @@
 name: Delete Review App
 
 on:
+  # Use pull_request_target for close cleanup so fork PR review apps can be deleted with
+  # base-repo secrets. This workflow checks out the base repository, not untrusted PR code.
   pull_request_target:
     types: [closed]
   issue_comment:

.github/workflows/cpflow-deploy-review-app.yml

@@ -191,6 +191,8 @@ jobs:
         run: |
           set -euo pipefail
 
+          # Keep this in sync with delete-app.sh. `cpflow exists` does not yet expose
+          # distinct structured signals for not-found vs. auth/API failures.
           exists_output=""
           if exists_output="$(cpflow exists -a "${APP_NAME}" --org "${CPLN_ORG}" 2>&1)"; then
             if [[ -n "${exists_output}" ]]; then