Skip PR review workflow for Dependabot PRs

Dependabot PRs don't have access to the secrets required by the
cagent-action reusable workflow (CAGENT_ORG_MEMBERSHIP_TOKEN), causing
the org membership check to fail with "github-token not supplied".

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Guillaume Lours <glours@users.noreply.github.com>

Author: glours

.github/workflows/pr-review.yml

@@ -12,6 +12,7 @@ permissions:
 
 jobs:
   review:
+    if: github.actor != 'dependabot[bot]'
     uses: docker/cagent-action/.github/workflows/review-pr.yml@dba0ca51938c78afb363625363c50582243218d6 # v1.3.1
     # Scoped to the job so other jobs in this workflow aren't over-permissioned
     permissions: