Why can't a self-hosted runner verify repo/owner before running?

I gather that self-hosted runners should not be used with public repos as forks can run arbitrary workflows.  I would like to understand why runners cannot verify the repo/owner before running, to avoid that scenario.


We recommend that you do not use self-hosted runners with public repositories.


For your question Why can’t a self-hosted runner verify repo/owner before running?  I have reported it to the appropriate engineering team. When they give me any response, I will update here at once. 

The runner is connected to a given owner/repo and will only run for events that happen in that repo.  It is not that that forks themselves can run arbitrary workflows it is that PRs raised from forks into the upstream will get run and that can allow for arbitrary code execution on your runner. 

Eventually we will have more controls over this behavior but for now we recommed you not use self-hosted runners for public repos that allow forks.