If you watch the PRs history, you can see that the user github-actions edited them. This user is the default one when a GitHub Action (the pipeline OP refers to) alters the repo. So someone probably submitted a pull request abusing the GitHub token when the Action ran on their PR.
Hacked pipeline? These are just pull requests anyone can submit them.
If you watch the PRs history, you can see that the user
github-actionsedited them. This user is the default one when a GitHub Action (the pipeline OP refers to) alters the repo. So someone probably submitted a pull request abusing the GitHub token when the Action ran on their PR.