Build Pipeline Security feat XSS Fox

Posted on 2021-10-09: https://sprocketfox.io/xssfox/2021/02/18/pipeline/

Gotta say, I love all the random fox pics. Great writeup too, I believe similar hacks have been used to install/run coinminers on other Github Actions piplines (at the cost of the repo owner!), which is why that had to be heavily limited.