Fix high severity artifact poisoning vulnerability

Upgrade dawidd6/action-download-artifact from v3 to v6 to address
artifact poisoning vulnerability (GHSA-7rrj-xr53-82p7). The v6 version
defaults to allow_forks: false, preventing fork artifact injection.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: robinmordasiewicz

.github/workflows/docs.yml

@@ -39,7 +39,7 @@ jobs:
 
       - name: Download validation reports
         if: github.event_name == 'workflow_run'
-        uses: dawidd6/action-download-artifact@v3
+        uses: dawidd6/action-download-artifact@v6
         with:
           workflow: validate-and-release.yml
           name: validation-reports