ci: bump claude-code-action pin to current v1 (symlink snapshot fix)

[giancolombi]

Fixes the ENOENT: no such file or directory, symlink failures seen on real review runs in prodcycle/prodcycle.

Root cause: that repo's CLAUDE.md is a symlink to AGENTS.md (its normal convention). Our April-23 action pin snapshots sensitive config paths to .claude-pr/ with a cpSync that chokes on symlink sources, so every real PR review there crashed. Upstream fixed it on 2026-05-14 by dereferencing symlinks in the snapshot (anthropics/claude-code-action#1186) — verified in the source at the new pin (cpSync(..., { dereference: true })).

New pin = the commit the v1 tag points to today (eee73e2a, 2026-06-10). All inputs we use (claude_code_oauth_token, track_progress, prompt, claude_args) verified present in its action.yml. Bumped fleet-wide for uniformity even though only prodcycle's symlinked CLAUDE.md triggers the bug today.

The red review check on this PR is the usual anti-tamper validation — resolves on merge.

🤖 Generated with Claude Code

[github-actions]

🛡️ ProdCycle Compliance · ✅ Passed

No compliance findings were detected in this PR's changed files.

---

_{🛡️ Posted by ProdCycle Compliance · Docs · Scan 3d925444-1c75-4efc-9bd2-e25eeaace378}

[greptile-apps]

Greptile Summary

This PR bumps the pinned SHA for anthropics/claude-code-action from the April-23 snapshot to the 2026-06-10 snapshot (eee73e2a), fixing ENOENT: symlink crashes that occurred when CLAUDE.md is a symlink (as it is in prodcycle/prodcycle). No other workflow inputs, permissions, or configuration change.

• Symlink fix: upstream added { dereference: true } to the cpSync that snapshots config files, which is the direct fix for the crash described in the PR.
• Input compatibility: claude_code_oauth_token, track_progress, prompt, and claude_args are all present in the new action's action.yml, so no workflow inputs need updating.

Confidence Score: 5/5

Safe to merge — the change is a single SHA bump to a newer upstream snapshot with no workflow logic changes.

The diff touches exactly one line: the pinned commit SHA for the third-party action. Every workflow input, permission, and job configuration is unchanged. The new SHA resolves a documented upstream crash (ENOENT on symlinked CLAUDE.md) without altering any interface. There is nothing here that could regress existing behavior.

No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/claude-review.yml	Single-line bump of the anthropics/claude-code-action pin from the April-23 snapshot to the 2026-06-10 snapshot (eee73e2a); all inputs and permissions are unchanged.

_{Reviews (1): Last reviewed commit: "ci: bump claude-code-action pin to curre..." | Re-trigger Greptile}