Added warning to documentation.

These strings leaking has been a known issue since at least 5 years (See github issue: actions/runner#475) regardless of whether or not this will ever be fixed the least that can be done is give the user a heads up that these 2 use cases will not mask the values. (Removing the 2 sections in their entirety might also be an option 🤔).

Author: tobias-wilfert

content/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions.md

@@ -289,6 +289,7 @@ Write-Output "::add-mask::Mona The Octocat"
 
 > [!WARNING]
 > Make sure you register the secret with 'add-mask' before outputting it in the build logs or using it in any other workflow commands.
+> This will still leak the string initialy as part of the echo statment.
 
 ### Example: Masking an environment variable
 
@@ -324,6 +325,9 @@ jobs:
 
 {% endpowershell %}
 
+> [!WARNING]
+> This will still leak the string as part of the env.
+
 ### Example: Masking a generated output within a single job
 
 If you do not need to pass your secret from one job to another job, you can: