https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning >The takeaway is this: Never run untrusted code within the context of the main branch if any other workflows use GitHub Actions caching. https://github.com/codius/codius-workers/blob/main/.github/workflows/deploy-worker.yml
https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning
https://github.com/codius/codius-workers/blob/main/.github/workflows/deploy-worker.yml