update main.yml

fix potential workflow vulnerability

.github/workflows/main.yml

@@ -6,8 +6,10 @@ name: Deploy Site
 on:
   push:
     branches: [main]
-  pull_request:
+  # The below rule invokes when ANY pull request is made to main
-    branches: [ main ]
+  # This is DANGEROUS and can allow for malicious behavior
+  # pull_request:
+  #   branches: [main]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch: