Critical Secrets exfiltration vulnerability #1227
Description
Hi,
We found a critical vulnerability in one of the CI workflows in this repo. The repository remains vulnerable, allowing an attacker to exfiltrate secrets and a highly privileged GITHUB_TOKEN, potentially compromising the overall repository content. This would impact all the repo users
We are happy to coordinate for full disclosure and receive proper CVE via Github Security Advisory (GHSA).