PR branch workflow runs should never rely on repo secrets (there's a workaround for this, but it SHOULD NEVER be used).
As a follow-up, I think that what we need to do is improve the workflow_dispatch so that it runs the action from the main branch but executes the evals (and evaluated code) from the PR branch (an extra level of carefulness should be required for those authorized to trigger the workflow in order to ensure that no secrets would be leaked by a maliciously crafted PR).
Originally posted by @manusa in #827 (comment)
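
A sketch of the workflow shape proposed in the comment above, as an added example that is not part of the original comment or the project's own workflow. The input name `pr_number`, the `evals` environment, the `EVAL_API_KEY` secret and the `./hack/run-evals.sh` script are assumptions made for illustration.

```yaml
# Added example (hypothetical names): manually dispatched evals for a PR.
name: evals-on-pr

on:
  workflow_dispatch:
    inputs:
      pr_number:            # assumed input name
        description: Pull request number to evaluate
        required: true
        type: string

# Token gets read-only access; nothing in this job needs to write.
permissions:
  contents: read

jobs:
  evals:
    # Refuse to run unless the workflow definition itself comes from main,
    # so a PR cannot change the steps that handle the secret.
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    # Assumed environment configured with required reviewers: the
    # "extra level of carefulness" becomes an explicit approval gate.
    environment: evals
    steps:
      - name: Check out trusted harness from main
        uses: actions/checkout@v4
        with:
          persist-credentials: false   # do not leave the token in .git/config

      - name: Check out PR code into a separate directory
        uses: actions/checkout@v4
        with:
          ref: refs/pull/${{ inputs.pr_number }}/head
          path: pr
          persist-credentials: false

      - name: Run evals against the PR code
        # The secret is exposed to this step only. Code from ./pr that this
        # step executes can still read it, which is why the reviewer must
        # inspect the PR diff before approving the run.
        env:
          EVAL_API_KEY: ${{ secrets.EVAL_API_KEY }}   # assumed secret name
        run: ./hack/run-evals.sh pr                   # assumed script from main
```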