Disable ref-confusion audit

The ref-confusion audit crashes when workflows reference private
repos (e.g. internal-workflows, robot) because the GITHUB_TOKEN
lacks cross-repo access. Disable until zizmor supports scoping
this audit or we provide a broader token.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: tashian

.github/zizmor.yml

@@ -5,6 +5,8 @@ rules:
         "smallstep/*": ref-pin
   secrets-inherit:
     disable: true
+  ref-confusion:
+    disable: true
   dangerous-triggers:
     ignore:
       - triage.yml