Problem

create_pull_request_review_comment still uses a local PR-context check that excludes pull_request_target.

When safe-outputs.create-pull-request-review-comment.target is \"triggering\", runs triggered via pull_request_target can fail with:

• Not in pull request context

Why this is inconsistent

Other safe-output paths were updated to support pull_request_target through shared helpers (for example resolveTarget / update_context_helpers), but this handler still uses its own inline check.

Affected code

actions/setup/js/create_pr_review_comment.cjs

Current local check includes:

• pull_request
• pull_request_review
• pull_request_review_comment
• issue_comment on PR

But not:

• pull_request_target

Expected behavior

For target: \"triggering\", create_pull_request_review_comment should treat pull_request_target as valid PR context (same behavior as other safe-output handlers).

Suggested fix

Use shared target/context resolution (or at minimum add pull_request_target to the local PR-context check) and add a regression test for pull_request_target.