Strangely, the malicious code did not exfiltrate the memory output to a remote server, instead only making it visible in publicly accessible repositories. "The compromised action injected malicious ...