- Task
- Resolution: Unresolved
At the moment, anyone with a GitHub account can pull the index repo, modify packages.txt and push it, which would trigger a build of wheels. This is a vulnerability that needs to be addressed.
Some basic investigation was done in CALUNGA-125, but with the repo being public, we don't really have a way to limit who can push to the repo. We'd need to make the repo private. Alternative approaches could include checking the commit author as part of the pipeline.
- relates to: CALUNGA-125 Clean up GH repos (Closed)
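One way the "check the commit author in the pipeline" idea could look, as an added example that is not part of the ticket or the project's pipeline. The `git log` format string, the allow-list and the signature requirement are assumptions; the addresses and hashes in the sample are constructed.

```python
# Added example: gate the wheel build on who changed packages.txt.
# Assumed input (not from the ticket): output of
#   git log --name-only --format='%x01%H%x1f%ae%x1f%G?' <before>..<after>
# %ae = author email, %G? = signature status ("G" = good, "N" = none).

PROTECTED = {"packages.txt"}  # the file whose change triggers a build


def parse_log(text):
    """Yield (sha, author_email, sig_status, changed_basenames) per commit."""
    for record in text.split("\x01"):
        lines = [l.rstrip("\r") for l in record.split("\n") if l.rstrip("\r")]
        if not lines:
            continue
        fields = lines[0].split("\x1f")
        if len(fields) != 3:
            # Fail closed: an unparseable record must not slip past the gate.
            raise ValueError(f"malformed commit header: {lines[0]!r}")
        sha, email, sig = fields
        yield sha, email.lower(), sig, {p.rsplit("/", 1)[-1] for p in lines[1:]}


def rejected_commits(text, allowed_authors, require_signature=True):
    """Return [(sha, reason)] for commits that must block the build."""
    allowed = {a.lower() for a in allowed_authors}
    rejected = []
    for sha, email, sig, names in parse_log(text):
        if not names & PROTECTED:
            continue  # commit does not touch the build trigger
        if email not in allowed:
            rejected.append((sha, f"author {email} is not on the allow-list"))
        elif require_signature and sig != "G":
            # The author field is set by whoever creates the commit, so an
            # allow-listed email alone proves nothing; require a good signature.
            rejected.append((sha, f"signature status {sig!r}, expected 'G'"))
    return rejected


# Constructed sample log (hashes shortened, addresses hypothetical).
SAMPLE = (
    "\x01aaa1111\x1fmaintainer@example.com\x1fG\n\npackages.txt\n"
    "\x01bbb2222\x1fstranger@example.net\x1fN\n\npackages.txt\n"
    "\x01ccc3333\x1fmaintainer@example.com\x1fN\n\npackages.txt\nREADME.md\n"
    "\x01ddd4444\x1fstranger@example.net\x1fN\n\nREADME.md\n"
)

if __name__ == "__main__":
    for sha, reason in rejected_commits(SAMPLE, {"maintainer@example.com"}):
        print(f"BLOCK {sha}: {reason}")
```

The pipeline would skip the wheel build whenever `rejected_commits` returns a non-empty list for the pushed range.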