Pass runner version as environment variable in workflow

[joshmgross]

It's recommended to pass expressions into actions/github-script via env - this avoids issues with special characters or other syntax that could be interpreted as JavaScript.

https://github.com/actions/github-script#use-env-as-input

This also serves to avoid any potential script injections - https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable