This would be nice. I'm not sure how we avoid leaking secrets? Any self-hosted runner would need an API key for IBM Cloud? We could provision the runner to have a security group that blocks access to any outbound connection other than the IBM Cloud API servers. This would protect against TCP-based escape. But... the user code could still just log the secret to the console? If this were a GitHub Action-provided secret, their log viewers would hopefully be smart enough to redact the secrets from any displayed logs. But... if this is just some random string that GitHub doesn't know about...?
If a secret is set via input or env var in the GH action workflow, GH should know what it is and redact it in the logs (ref). Self-hosted runners may also behave the same, and we will need a minimum-access API key for it, plus additional security like no outbound sec group rules, as you mentioned.
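For a string GitHub was never told is a secret, GitHub Actions documents an `add-mask` workflow command that registers a value for log redaction at run time. The helper below is an added example, not code from this thread or project; the function name `emit_masks` and the variable name `IBMCLOUD_API_KEY` in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: register a runtime value with the GitHub Actions log masker
# before any user code runs in the job.
#
# Workflow commands are read from stdout one line at a time, so a multi-line
# value is registered line by line. Empty lines are skipped because masking
# an empty string is meaningless.
emit_masks() {
  # Refuse an empty value so a missing key is noticed instead of silently
  # leaving the job unmasked.
  [ -n "$1" ] || return 1
  printf '%s\n' "$1" | while IFS= read -r line; do
    if [ -n "$line" ]; then
      printf '::add-mask::%s\n' "$line"
    fi
  done
}

# Usage inside a workflow step (IBMCLOUD_API_KEY is an assumed variable name):
#   emit_masks "$IBMCLOUD_API_KEY" || { echo "API key not set" >&2; exit 1; }
```

The mask only applies to output produced after the command is emitted, and it only affects what the log shows. It does not stop the value from leaving the runner over the network, which is what the security group restriction discussed above is for.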
No description provided.