docs+ci: download fork-comment artifact to runner.temp (CodeQL artifact-poisoning) #146

Merged: theoephraim merged 1 commit into main from claude/codeql-artifact-poisoning-temp-dir on Jun 26, 2026

@theoephraim (Member)

Why

varlock adopted the 1.18 workflow_run fork-comment split (varlock#840) and CodeQL flagged the poster with a critical actions/artifact-poisoning alert. The recommended bumpy-comment.yaml (and our dogfood copy) downloads the untrusted artifact into ./bumpy-comment — i.e. inside GITHUB_WORKSPACE, alongside the trusted checkout. CodeQL's recommendation is to "extract artifacts to a temporary folder so they cannot override existing files."

bumpy's own repo has no CodeQL workflow, so neither the dogfood poster nor the docs template was ever analyzed — varlock (which runs CodeQL Actions analysis) was the first to surface it.

What

  • docs/github-actions.md — the recommended poster now downloads to ${{ runner.temp }}/bumpy-comment (outside the checkout) and reads --body-file "$RUNNER_TEMP/bumpy-comment/comment.md".
  • .github/workflows/bumpy-comment.yaml (dogfood) — same change; dropped the now-moot "download after checkout or it gets wiped" note since temp is outside the workspace.
  • Safety-rule callout — documents why (untrusted artifact can't overwrite trusted files) and adds a short note that CodeQL's actions/artifact-poisoning query may flag the step: the temp-dir download addresses its core recommendation, and if a strict variant still flags it, it's a dismissable false positive (body used only as comment text; PR resolved from the trusted workflow_run event, never the artifact).

The upload side (unprivileged render step) intentionally keeps ./bumpy-comment — only the privileged download moves to temp.

Notes

Docs + a dogfood workflow comment/path change. No behavior change to the comment that gets posted. The runner.temp path is outside GITHUB_WORKSPACE on hosted runners, so the trusted checkout (read for the pinned bumpy version) is untouched.

theoephraim force-pushed the claude/codeql-artifact-poisoning-temp-dir branch from c7e8088 to 582af33 on June 26, 2026 16:25
theoephraim merged commit 7792c3d into main on Jun 26, 2026
4 checks passed
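
A guard the privileged poster job could run before reading the downloaded body, shown as an added example that is not part of this PR or the bumpy repository: it verifies that the download directory really is outside the checkout and holds only a regular `comment.md`. The function name `check_artifact_dir`, the single-file rule and the 65536-byte cap are assumptions of this example.

```sh
# Added example, not from the bumpy repo. Usage in the poster job (assumed):
#   check_artifact_dir "$GITHUB_WORKSPACE" "$RUNNER_TEMP/bumpy-comment"
# Exit status: 0 safe to read, 1 policy violation, 2 directory missing.
# The body is a subshell "( ... )", so `exit` ends only the check.
check_artifact_dir() (
  max_bytes=65536  # assumed cap on the comment body size
  ws=$(CDPATH= cd -- "$1" 2>/dev/null && pwd -P) ||
    { echo "workspace not found: $1" >&2; exit 2; }
  art=$(CDPATH= cd -- "$2" 2>/dev/null && pwd -P) ||
    { echo "artifact dir not found: $2" >&2; exit 2; }

  # 1. Containment on symlink-resolved paths: neither directory may contain
  #    the other, so extraction cannot land on top of the trusted checkout.
  case "$art/" in "$ws"/*)
    echo "artifact dir is inside the workspace" >&2; exit 1 ;;
  esac
  case "$ws/" in "$art"/*)
    echo "workspace is inside the artifact dir" >&2; exit 1 ;;
  esac

  # 2. Contents: the only entry allowed is comment.md (no extras, no subdirs).
  [ "$(ls -A "$art")" = "comment.md" ] ||
    { echo "unexpected artifact contents" >&2; exit 1; }

  # 3. The body must be a regular file (not a symlink) of bounded size.
  f="$art/comment.md"
  { [ -f "$f" ] && [ ! -L "$f" ]; } ||
    { echo "comment.md is not a regular file" >&2; exit 1; }
  size=$(( $(wc -c < "$f") ))
  [ "$size" -le "$max_bytes" ] ||
    { echo "comment.md exceeds $max_bytes bytes" >&2; exit 1; }
  exit 0
)

# Constructed demo: a fake workspace, a sibling temp dir (the layout after this
# change) and an in-workspace ./bumpy-comment (the layout that was flagged).
demo() {
  root=$(mktemp -d)
  mkdir -p "$root/ws/bumpy-comment" "$root/temp/bumpy-comment"
  echo "constructed body" > "$root/ws/bumpy-comment/comment.md"
  echo "constructed body" > "$root/temp/bumpy-comment/comment.md"
  check_artifact_dir "$root/ws" "$root/temp/bumpy-comment" && echo "temp: ok"
  check_artifact_dir "$root/ws" "$root/ws/bumpy-comment" || echo "workspace: rejected"
  rm -rf "$root"
}
demo
```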