ci: claude: Improve message and documentation about verbose mode

[patrickelectric]

Summary by Sourcery

Clarify automated PR review verdict formatting and document secure usage of verbose output in the Claude review workflow.

CI:

• Configure the Claude PR review workflow to explicitly disable full output by default and document the security implications of enabling it.
• Update the review comment template in the workflow so verdict lines are rendered without markdown formatting, ensuring GitHub emoji shortcodes resolve correctly.

Documentation:

• Add inline workflow documentation warning about the security risks of enabling full Claude output on public repositories.

[sourcery-ai]

Hey - I've left some high level feedback:

• Now that the verdict lines are rendered without backticks, double-check for any remaining backticked verdict labels elsewhere in the workflow or related templates to keep the emoji rendering behavior consistent across all outputs.
• The show_full_output warning is very specific to public repositories; consider adding a brief note about behavior on private repos and forked PRs so users understand when it is and isn’t safe to toggle this for debugging.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Now that the verdict lines are rendered without backticks, double-check for any remaining backticked verdict labels elsewhere in the workflow or related templates to keep the emoji rendering behavior consistent across all outputs.
- The `show_full_output` warning is very specific to public repositories; consider adding a brief note about behavior on private repos and forked PRs so users understand when it is and isn’t safe to toggle this for debugging.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[github-actions]

Automated PR Review

0. Summary

• Verdict: LGTM

Two small improvements to .github/workflows/claude-pr-review.yml: explicitly pins show_full_output: "false" with a warning comment about the secret-leak risk on public repos, and strips backticks from the verdict labels (LGTM :shipit:, etc.) in the prompt and examples so GitHub renders the emoji shortcodes instead of showing them as literal text in a code span. No behavioral change to the review logic itself.

Nothing to comment, nice job 👍

Generated by PR Review Bot. This is advisory, a human reviewer must still approve.