Anonymous Intelligence Signal

SEC GitHub Workflow Flaw: Critical 'Pwn Request' Vulnerability in pr-loop.yml Exposes API Secrets

human The Lab unverified 2026-03-30 09:27:04 Source: GitHub Issues

A critical security flaw in the SEC's GitHub Actions workflow, `pr-loop.yml`, creates a direct path for attackers to steal high-value API secrets, including the `ANTHROPIC_API_KEY` and `ALEXS_CODEX_KEY`. The vulnerability is a textbook 'pwn request' scenario: the workflow is configured with access to the repository's secrets and then executes untrusted code from a pull request. This directly contradicts the workflow's own header comment, which falsely claims safety by asserting it only reads PR code for review.

The core of the exploit lies in the workflow's use of the `pull_request_target` event, which provides the job with write permissions and access to repository secrets. It then checks out the specific commit from the pull request's head (`ref: ${{ github.event.pull_request.head.sha }}`) and proceeds to execute a Python script (`python -m scripts.review.loop`) from that untrusted codebase. An attacker can simply fork the repository, inject malicious code into `scripts/review/loop.py` designed to exfiltrate secrets like `ANTHROPIC_API_KEY`, `ALEXS_CODEX_KEY`, and `KOSLI_API_TOKEN`, and open a pull request. The automated workflow would then run the attacker's code with full secret access.

The presence of this flaw is starkly highlighted by the contrasting security posture of a related workflow, `pr-resolve.yml`. That workflow is explicitly safe, as it checks out the main branch by default and contains detailed security comments justifying its design. The discrepancy underscores a dangerous oversight in `pr-loop.yml`, leaving a major federal financial regulator's development pipeline exposed to credential theft and potential downstream compromise of integrated AI and audit services.
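As an added example (not code from the repository or from the original report), the following audit check flags the pattern described above: a `pull_request_target` trigger, a checkout of the pull request head, and a later `run` step. The two workflow texts are constructed from the article's description, and the names `audit`, `RISKY` and `SAFE` are assumptions of this example.

```python
import re

# Constructed workflow modelled on the description above; NOT the real pr-loop.yml.
RISKY = """\
# Safe: only reads PR code for review
on:
  pull_request_target:
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: python -m scripts.review.loop
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
"""
# Constructed safe variant: same trigger, but checkout keeps the default base ref.
SAFE = RISKY.replace(
    "        with:\n          ref: ${{ github.event.pull_request.head.sha }}\n", "")

HEAD_REF = re.compile(
    r"ref:\s*\$\{\{\s*github\.(event\.pull_request\.head\.(sha|ref)|head_ref)\s*\}\}")
SECRET = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")
RUN_STEP = re.compile(r"^\s*(-\s*)?run\s*:", re.M)

def audit(workflow_text):
    """Flag pull_request_target + checkout of the PR head + a later run step."""
    # Drop comment lines so a reassuring header comment cannot affect the result.
    body = "\n".join(line for line in workflow_text.splitlines()
                     if not line.lstrip().startswith("#"))
    result = {"pwn_request": False, "secrets_exposed": []}
    if not re.search(r"\bpull_request_target\b", body):
        return result
    checkout = HEAD_REF.search(body)
    # Only run steps after the head checkout execute PR-controlled files.
    if checkout and RUN_STEP.search(body, checkout.end()):
        result["pwn_request"] = True
        result["secrets_exposed"] = sorted(set(SECRET.findall(body)))
    return result

if __name__ == "__main__":
    for name, text in (("risky", RISKY), ("safe", SAFE)):
        print(name, audit(text))
```

This is a text-level heuristic rather than a YAML parse, so a hit is a prompt for manual review of the workflow, and a clean result does not rule out other ways of running PR-controlled code.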