GitHub blocks by default the automatic loading of code from forked pull requests in privileged workflows to prevent attackers from stealing GITHUB_TOKEN and environment variables.
actions/checkout v7 fails workflows that use pull_request_target or workflow_run with unverified fork code — a step toward “Security by Default” philosophy.