From 0740a5c74b18573cdb939efcdfb68e7d21350a9a Mon Sep 17 00:00:00 2001
From: motoki317 <motoki317@gmail.com>
Date: Mon, 18 Sep 2023 07:16:10 +0900
Subject: [PATCH] add blog ref

---
 .github/workflows/preview.yml         | 1 +
 .github/workflows/preview_comment.yml | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml
index 5134bb966..94396b144 100644
--- a/.github/workflows/preview.yml
+++ b/.github/workflows/preview.yml
@@ -1,6 +1,7 @@
 name: preview
 
 on:
+  # pull_request_target を使うにあたって https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ の一読を推奨
   pull_request_target:
 
 permissions:
diff --git a/.github/workflows/preview_comment.yml b/.github/workflows/preview_comment.yml
index a0cad3f22..f81f3f57f 100644
--- a/.github/workflows/preview_comment.yml
+++ b/.github/workflows/preview_comment.yml
@@ -1,6 +1,7 @@
 name: Comment preview environment URL
 
 on:
+  # pull_request_target を使うにあたって https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ の一読を推奨
   pull_request_target:
     types:
       - opened