fix(ci): use secrets context in ggshield step condition

Step-level env is not visible to the if condition — reference
secrets directly so ggshield actually runs when the key is configured.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.github/workflows/test-linting.yml

@@ -97,7 +97,7 @@ jobs:
         pytest tests/litellm/test_no_hardcoded_secrets.py -v
 
     - name: Run ggshield secret scan
-      if: env.GITGUARDIAN_API_KEY != ''
+      if: ${{ secrets.GITGUARDIAN_API_KEY != '' }}
       env:
         GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}
       run: |