The action zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 is not allowed in rancher-sandbox/runtime-enforcer because all actions must be from a repository owned by your enterprise, created by GitHub, or match one of the patterns: anchore/sbom-action/download-syft@*, aquasecurity/*, aws-actions/*, azure/*, changesets/action@*, changesets/bot@*, codecov/codecov-action@*, crate-ci/typos@*, docker/*, docker://gcr.io/kaniko-project/executor:*, fossas/fossa-action@*, golang/*, golangci/*, google-github-actions/*, google/*, googleapis/release-please-action@*, goreleaser/*, hashicorp/setup-packer@*, hashicorp/setup-terraform@*, hashicorp/vault-action@*, helm/*, kubernetes-sigs/*, kubernetes/*, kubewarden/kubewarden-end-to-end-tests@*, neuvector/*, openvex/setup-vexctl@*, oras-project/setup-oras@*, ossf/scorecard-action@*, rancher-eio/*, rancher-sandbox/azure-janitor@*, rancher-sandbox/highlander-reusable-workflows/*, rancher/*, rancherlabs/*, renovatebot/*, ruby/*, runs-o...