zizmor (https://github.com/zizmorcore/zizmor) and actionlint (runs shellcheck on run: | blocks) provide some band-aid. zizmor detects quite a few typical injection patterns like branch names, and shellcheck enforces quoting rules in the shell snippets.
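As an added illustration of the injection pattern zizmor flags and the quoting rule shellcheck enforces (a workflow written for this note, not taken from the thread or from either tool's documentation; the job names and the branch-name payload in the comments are constructed):

```yaml
# Added example, not from the original thread or from the zizmor/actionlint projects.
# One job interpolates an attacker-controlled branch name straight into a shell
# script; the other passes the same value through the environment.
name: pr-check
on:
  pull_request:

jobs:
  vulnerable:
    runs-on: ubuntu-latest
    steps:
      # ${{ }} is expanded by GitHub before the script ever reaches the shell,
      # so a constructed branch name such as
      #   x"; id; echo "
      # becomes part of the script text and `id` runs on the runner.
      # zizmor's template-injection audit reports run: blocks that interpolate
      # github.head_ref (and similar PR-controlled fields) like this.
      - name: Announce branch (unsafe)
        run: echo "Building ${{ github.head_ref }}"

  hardened:
    runs-on: ubuntu-latest
    steps:
      # The branch name is handed to the shell as an environment variable, so
      # the script text is fixed and the value is data, never code.
      # Quoting "$BRANCH" is the rule shellcheck (run by actionlint) enforces
      # (SC2086); an unquoted $BRANCH would still allow word splitting/globbing.
      - name: Announce branch (safe)
        env:
          BRANCH: ${{ github.head_ref }}
        run: echo "Building $BRANCH"
```

Running zizmor against a file containing the `vulnerable` job reports the template-injection finding; the `hardened` job produces none, and actionlint/shellcheck stay quiet because the only expansion is a quoted variable.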
Azure has recently announced "direct virtualization", which is a sort of logical nesting, in which users can sub-partition their L1 VMs into virtual L2 VMs that are technically siblings.
https://techcommunity.microsoft.com/blog/azurecompute/scalin...
(I work there)