The workflow main.yml is referencing action webbertakken/unity-builder using references v1.4. However this reference is missing the commit b0df698630e108e7da1046fcbd4d54303536f16d which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.