diff --git a/.github/workflows/fail-conditional.yml b/.github/workflows/fail-conditional.yml
index f690e8a..640c637 100644
--- a/.github/workflows/fail-conditional.yml
+++ b/.github/workflows/fail-conditional.yml
@@ -28,4 +28,5 @@ jobs:
       run: |
         echo 'Failing because "fail" was found in the commit message.'
         exit 1
-# foobar1234
+
+
diff --git a/.github/workflows/vulnerable_test.yml b/.github/workflows/vulnerable_test.yml
new file mode 100644
index 0000000..a8f8270
--- /dev/null
+++ b/.github/workflows/vulnerable_test.yml
@@ -0,0 +1,23 @@
+name: 'Vulnerable Workflow'
+
+on:
+  pull_request_target:
+    types: ['opened', 'synchronize']
+
+jobs:
+  vulnerable-job:
+    runs-on: 'ubuntu-latest'
+    steps:
+      - name: 'Checkout PR code (Unsafe)'
+        uses: 'actions/checkout@v3'
+        with:
+          ref: '${{ github.event.pull_request.head.sha }}'
+      
+      - name: 'Run script'
+        run: |
+          echo "Running code from the PR..."
+          # In a real attack, this could be a script modified by the attacker
+          if [ -f ./script.sh ]; then
+            chmod +x ./script.sh
+            ./script.sh
+          fi