There are several approaches ready to support you to reduce the risk of script injection:
github.event.pull_request.title
- name: Check PR title env: TITLE: ${{ github.event.pull_request.title }} run: | if [[ "$TITLE" =~ ^techgeeknext ]]; then echo "PR title starts with 'techgeeknext'" exit 0 else echo "PR title did not start with 'techgeeknext'" exit 1 fi