1. Shell Injection Flaw Discovered in ai-qa-responder GitHub Actions Workflow
A shell injection vulnerability has been identified in `.github/workflows/ai-qa-responder.yml`, the GitHub Actions workflow handling automated responses in AI-powered Q&A discussions. The flaw affects two user-controlled GitHub event values interpolated directly via `${{ }}` expressions inside `run:` blocks: `github.ev...