Why should Github do anything?
If you execute arbitrary instructions whether via LLM or otherwise, that's a you problem.
I'm just wondering if there's a possible way to prevent this that wouldn't be intrusive or break existing features.
I'm just wondering if there's a possible way to prevent this that wouldn't be intrusive or break existing features.