You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Automated scan from flagged a pull_request_target workflow that checks out the PR head SHA/ref. That's the pattern of the classic GitHub Actions RCE — but exploitability depends on your guards. I verified the pattern, not exploitability.
Automated scan from flagged a pull_request_target workflow that checks out the PR head SHA/ref. That's the pattern of the classic GitHub Actions RCE — but exploitability depends on your guards. I verified the pattern, not exploitability.