Script Injection is possible which can allow a bad actor to harvest secrets. This is not a huge problem on a hosted runner as they are ephemeral, but best practice should be used to prevent it.
I have sanitized inputs but bash isn't my strong area, so I'm looking for an auditor to improve security.
Script Injection is possible which can allow a bad actor to harvest secrets. This is not a huge problem on a hosted runner as they are ephemeral, but best practice should be used to prevent it.
I have sanitized inputs but
bash
isn't my strong area, so I'm looking for an auditor to improve security.