Have you looked at the .github/ folder of any actively developed python packages lately? It has become difficult to find one where there isn't a few interesting people with code-execution-capable push/publish/cache-write access somewhere along the blown up transitive dependency/include chains.

We need to explore this angle. With OpenAI already strongly being intelligence gathering apparatus for the US, now with this acquisition, it will potentially have access to the code and environment variables of a good chunk of private projects even when Codex doesn't.