infra-deploy
Audited by Socket on Feb 27, 2026
1 alert found:
Security
The code fragment represents a legitimate, multi-target deployment workflow for Cal.com on GCP Cloud Run with a local Docker Compose dev path and a webhook relay integration. It relies on vault-based secret management and environment-variable deployment, which is common but introduces notable risk around public exposure via unauthenticated Cloud Run access and potential logging of sensitive values. No explicit malware indicators are present; the pattern is deployment orchestration with moderate-to-high secret-handling risk. Recommend tightening access controls (avoid --allow-unauthenticated where not needed), enabling secret redaction in logs, and enforcing least-privilege for vault access and service permissions; add secret rotation and audit trails to improve resilience.