Potential fix for code scanning alert no. 3: Expression injection in Actions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: buckhalt

.github/workflows/update-snapshots.yml

@@ -20,8 +20,9 @@ jobs:
           ref: ${{ steps.comment-branch.outputs.head_ref }}
       - name: Extract URL from comment
         id: extract-url
+        env:
+          COMMENT: ${{ github.event.comment.body }}
         run: |
-          COMMENT="${{ github.event.comment.body }}"
           URL=$(echo "$COMMENT" | grep -o 'https://[^ ]*' | head -1)
           echo "preview_url=$URL" >> $GITHUB_OUTPUT
       - name: Comment action started