The Premise:
SecureCorp thinks their production flag is safe because it's stored as a GitHub Secret. They're wrong. The build pipeline they're using trusts anyone who sends a Pull Request.
The Goal:
Exfiltrate the value of PROD_FLAG from the GitHub Actions environment.
The Rules:
Note: GitHub's secret scrubber will try to hide the flag. If you try to print it directly, it will just show up as ***. You'll need to encode it (Base64 is usually enough) to sneak it past the filter.
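
From the defender's side, the note above means that a log showing only *** is not proof the secret stayed put, so log review has to look for encoded forms as well. The following is an added example, not part of the original challenge: it flags Base64 (at any byte alignment) and hex encodings of a known secret in build-log lines. The secret value, the log lines and the function names are all constructed for illustration.

```python
import base64

def b64_fragments(secret: bytes) -> set[str]:
    """Base64 substrings that must appear when `secret` is encoded at any
    byte alignment inside a larger string (e.g. "PROD_FLAG=<value>")."""
    frags = set()
    for offset in range(3):
        enc = base64.b64encode(b"\x00" * offset + secret).decode().rstrip("=")
        if (offset + len(secret)) % 3:
            enc = enc[:-1]             # last char also encodes whatever follows
        enc = enc[(0, 2, 3)[offset]:]  # leading chars also encode what precedes
        frags.add(enc)
        frags.add(enc.translate(str.maketrans("+/", "-_")))  # URL-safe alphabet
    return frags

def scan_log(lines, secret: bytes):
    """Return (line_number, encoding) for each line carrying an encoded secret."""
    b64 = b64_fragments(secret)
    hexed = secret.hex()
    hits = []
    for n, line in enumerate(lines, 1):
        if any(f in line for f in b64):
            hits.append((n, "base64"))
        elif hexed in line.lower():
            hits.append((n, "hex"))
    return hits

# Constructed sample data: a made-up secret and made-up log lines.
SECRET = b"FLAG{constructed-example-value}"
SAMPLE_LOG = [
    "Run echo ***",                                              # masked direct print
    "***",
    base64.b64encode(SECRET).decode(),                           # secret alone
    base64.b64encode(b"PROD_FLAG=" + SECRET + b"\n").decode(),   # embedded, shifted
    SECRET.hex().upper(),                                        # hex dump
    "Post job cleanup.",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG, SECRET):
        print(hit)
```

Short secrets produce short fragments and therefore false positives, and this only covers the two encodings it names; rotating any secret exposed to an untrusted build remains the reliable response.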