Harness users can now provide the github webhook secret in Trigger config and only if the secret matches in github webhook and trigger, the trigger will get invoked. This improves the security of the triggers by ignoring the invokes from an inauthentic source. Even if someone get the access to the webhook somehow, it will not be able to trigger the deployments.
Feature Flag - GITHUBWEBHOOKAUTHENTICATION
Check out the Docs