pagerduty-api
Fail
Audited by Socket on Feb 16, 2026
1 alert found:
Obfuscated File (HIGH)
references/schemas/Automation/AutomationActionsScriptActionDataReference.md
The schema itself is not malware, but it documents a capability that—if reachable by untrusted actors—gives direct arbitrary code execution on CI/Runner hosts. That capability makes overall usage high risk unless accompanied by strong safeguards: access controls, sandboxing/isolation, secrets scoping, egress/network controls, and explicit handling of input size/truncation. Operational guidance: only allow trusted principals to provide `script`/`invocation_command`; run executed scripts in minimal-privilege ephemeral sandboxes; restrict access to secrets and network; and audit/monitor execution.
Confidence: 98%