GreatEugenius opened a new issue, #563: URL: https://github.com/apache/flink-agents/issues/563
### Search before asking - [x] I searched in the [issues](https://github.com/apache/flink-agents/issues) and found nothing similar. ### Description The following workflows use `pull_request_target` as a trigger: - **Documentation Bot** (`.github/workflows/document_bot.yml`) - **Pull Request Labeler** (`.github/workflows/labeler.yml`) Using `pull_request_target` is considered a security risk because it runs workflows with write permissions in the context of the base repository, even when triggered by a fork. This can expose repository secrets and allow malicious code from a forked PR to execute with elevated privileges. ### Are you willing to submit a PR? - [x] I'm willing to submit a PR! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
