
dboreham, today at 1:22 AM (1 reply)

Well... obviously secrets available in the runtime environment of a CI job are vulnerable to attacks that can compromise the runtime environment. I think everyone knew that. Also GitHub Actions that come from less than irreproachable sources (GitHub themselves, ?) have always been an obvious attack vector. In places I've worked where we were concerned about this we forked all the actions repos into our own org so we could never pick up mystery meat in our jobs.


Replies

Rial_Labs, today at 2:05 AM

You're right and forking actions is the correct mitigation.

The gap is operational discipline. Most teams know they should fork upstream actions and review updates before pulling them in. Almost none actually do it consistently. The Trivy attack is useful not because it revealed something unknown but because it made the abstract cost of that gap concrete.
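One way to enforce the discipline both commenters describe (only actions from your own fork org, pinned to a reviewed commit) as an automated check over workflow files. This is an added example, not code from either commenter; the org name, the workflow text and the commit SHA are all constructed for illustration.

```python
import re

# Constructed sample workflow (not from the thread). It mixes an upstream action on a
# mutable tag, a first-party fork pinned to a full SHA, a first-party fork on a tag,
# an unknown vendor on a branch, and a local action.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: my-org/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: my-org/setup-go@v5
      - uses: some-vendor/scan-action@master
      - uses: ./.github/actions/local-build
      - run: make test
"""

# Matches the reference after `uses:` on a step line (quoted or bare).
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text, allowed_orgs):
    """Return (ref, reason) for every `uses:` reference that breaks the policy:
    the action must live in one of allowed_orgs (your forks) and must be pinned to a
    full 40-hex commit SHA, so updates only arrive through a reviewed fork commit.
    Local (./path) and docker:// references are outside the policy and are skipped."""
    findings = []
    for ref in USES_RE.findall(text):
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        repo, _, version = ref.partition("@")
        org = repo.split("/")[0]
        if org not in allowed_orgs:
            findings.append((ref, f"org '{org}' is not in the allowed set"))
        elif not FULL_SHA_RE.match(version):
            findings.append((ref, "not pinned to a full commit SHA"))
    return findings


if __name__ == "__main__":
    for ref, reason in audit_workflow(SAMPLE_WORKFLOW, {"my-org"}):
        print(f"{ref}: {reason}")
```

Run it over `.github/workflows/*.yml` in CI itself so a step that drifts back to an upstream tag fails the build rather than silently pulling unreviewed code.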