I'm trying to generate a filename in my C# application with a timestamp for file versioning, like this:

FileName = $"Professional_{DateTime.UtcNow.ToString("yyyy-MM-dd_HH-mm-ss")}.csv";

Even though the timestamp format contains valid characters only, GitLab still flags it as an OS injection vulnerability in the CI/CD pipeline. I removed the timestamp and reran the pipeline, and GitLab no longer flagged it as vulnerable to OS injection. However, the timestamp is a requirement and I cannot remove it.

How can I generate the timestamp and append it to the filename in a way that avoids triggering the OS vulnerability flag in GitLab while preserving the exact timestamp format?