"Briefly" is doing a lot of work there. Pre-deploy scans are useless once a bad mutation is actually live. If you don't have a way to auto-revert the infrastructure state instantly, you're just watching the fire spread.

Seriously. All credentials compromised that it can see. It's active in CI/CD pipelines and follow on attacks are happening.