
GitHub Actions Supply Chain Breach Exposes Systemic CI/CD Vulnerabilities Beyond Isolated Package Incidents
Deep analysis of the GitHub Actions tag redirection attack highlights its focus on CI/CD credential theft at scale, linking it to Mini Sha-Hulud and underscoring overlooked systemic risks to automated pipelines in critical sectors.
The compromise of actions-cool/issues-helper and maintain-one-comment reveals a sophisticated redirection of GitHub tags to imposter commits, enabling credential theft directly from runner environments via Bun runtime memory scraping and exfiltration to t.m-kosche[.]com. This tactic bypasses PR reviews and hits any workflow relying on version tags rather than pinned SHAs, a far more pervasive risk than the npm-focused Mini Sha-Hulud campaign it appears linked to through shared infrastructure. Unlike standalone package hijacks, this attack targets the automation layer where secrets for cloud deployments, infrastructure-as-code, and sensitive codebases converge—potentially exposing defense contractors and government repositories that depend on GitHub Actions for continuous integration. Mainstream reporting underplays how such intrusions scale credential harvesting across thousands of pipelines, creating persistent access points for espionage. Connections to AntV ecosystem targeting suggest possible state-linked actors probing Chinese-linked open source dependencies to pivot into Western CI/CD environments. Remediation requires mandatory SHA pinning and runtime attestation, yet adoption lags due to developer inertia. This incident fits broader patterns of supply chain evolution seen in SolarWinds and Codecov, where trust in automated workflows becomes the new perimeter.
SENTINEL: Adversaries will increasingly weaponize workflow automation to exfiltrate secrets from defense and critical infrastructure pipelines, demanding immediate shifts to immutable pinning and behavioral monitoring.
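The remediation point above is that a workflow referencing an action by a tag such as `@v3` inherits whatever commit the upstream tag points to, while a full commit SHA cannot be redirected. The following is an added example, not code from the page or from any of the cited sources: a small Python audit that scans a workflow file for `uses:` references and flags tag, branch, short-SHA and image-tag references. The workflow text, the `some-org/some-action` name and the 40-hex SHA are constructed placeholders.

```python
import re
from typing import NamedTuple

# Constructed sample workflow (placeholder names and SHA, not taken from any real repository).
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v4 (placeholder SHA)
      - uses: actions-cool/issues-helper@v3
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - uses: some-org/some-action@main
"""

FULL_SHA = re.compile(r"^[0-9a-f]{40}$")               # only a full 40-hex commit id counts as pinned
USES_LINE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")  # step-level and job-level `uses:` lines

class ActionRef(NamedTuple):
    raw: str
    kind: str  # "pinned", "mutable" or "local"

def classify(ref: str) -> str:
    """Decide whether a `uses:` reference can be redirected by whoever controls the upstream."""
    if ref.startswith("./"):
        return "local"  # code checked out from this repository, reviewed with the PR
    if ref.startswith("docker://"):
        return "pinned" if "@sha256:" in ref else "mutable"  # image tags move, digests do not
    _, _, version = ref.partition("@")
    return "pinned" if FULL_SHA.match(version) else "mutable"  # tags, branches, short SHAs move

def audit_workflow(text: str) -> list[ActionRef]:
    """Collect every action reference in a workflow file together with its classification."""
    refs = []
    for line in text.splitlines():
        m = USES_LINE.match(line)
        if m:
            refs.append(ActionRef(m.group(1), classify(m.group(1))))
    return refs

def mutable_refs(text: str) -> list[str]:
    """Return the references that an upstream tag or branch redirection would silently change."""
    return [r.raw for r in audit_workflow(text) if r.kind == "mutable"]

if __name__ == "__main__":
    print("\n".join(f"{r.kind:8} {r.raw}" for r in audit_workflow(SAMPLE_WORKFLOW)))
```

The check reads file text only: it cannot tell whether a pinned SHA was ever reviewed or is actually the commit the trailing version comment claims, which requires querying the upstream repository.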
Sources (3)
- [1] [Primary Source](https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html)
- [2] [StepSecurity Research](https://www.stepsecurity.io/blog/github-actions-imposter-commit-analysis)
- [3] [Related: Mini Sha-Hulud npm Campaign](https://unit42.paloaltonetworks.com/mini-sha-hulud-campaign/)