security: gate pr-triage secrets on same-repository pull_request_target

[DVHRMNTCBSL]

What the patch does

pr-triage.yml in google/adk-python runs on pull_request_target and mounts ADK_TRIAGE_AGENT and GOOGLE_API_KEY while the triage agent processes untrusted fork PR content.

This patch adds a fork guard: automated pull_request_target runs only when head.repo.full_name == github.repository. Maintainers can still trigger via workflow_dispatch.

Pull request: COLE_SEU_LINK_AQUI

How it works

• Before: CLA-signed fork PR could auto-trigger privileged triage agent with API secrets in environment.
• After: External fork PRs no longer auto-run secret-backed triage; workflow_dispatch preserved.

Writing effort

Modest — coordinated if: guard in .github/workflows/pr-triage.yml.

Security impact

Compelling proactive hardening: prevents untrusted fork PR content from reaching privileged LLM CI with secrets.

No live exploit was performed. Local trust-boundary simulation only.

Project scope

google/adk-python is OT1 in Google OSS repository tier.

Relation to prior submissions

Proactive patch; pivots from REPORT-002 OSS VRP GHA class. This is the security patch PR, not a duplicate VRP report.

Diff access

COLE_SEU_LINK_AQUI/files

[adk-bot]

Response from ADK Triaging Agent

Hello @DVHRMNTCBSL, thank you for submitting this security-related PR!

To help our reviewers process your changes more efficiently, please ensure the following requirements from our contribution guidelines are met:

1. Testing Plan: Please include a testing plan section in your PR description describing how this change was or can be verified (e.g., local simulation or GHA test runs on a fork).
2. Logs or Screenshots: If possible, please share logs or screenshots demonstrating that the GitHub Actions workflow syntax is correct and works as intended after applying the patch.

This extra context is incredibly helpful for the review process. Thank you!