Yeah, I'm open to this concept, but I'm a little hesitant to clone a private repo somewhere random and undisclosed and then inject secrets.