today i received a pull request from some user that abused my repository and circleci. the user replaced part of my circle.yml with code that started running a miner instead of the tests.
The build started automatically when the user created the pullrequest.
How can that be prevented? I suppose that i configured something wrong here…