diff --git a/.github/workflows/custard-run-dev.yaml b/.github/workflows/custard-run-dev.yaml
index 596439a0f6..26c437a4a4 100644
--- a/.github/workflows/custard-run-dev.yaml
+++ b/.github/workflows/custard-run-dev.yaml
@@ -56,7 +56,11 @@ jobs:
       create-check-if: ${{ !!github.event.workflow_run }}
   test:
-    if: needs.affected.outputs.paths != '[]'
+    # Guard: workflow_run fires for fork PRs but executes with repository secrets
+    # (id-token: write / GCP WIF). Restrict credential use to same-repo runs.
+    if: |
+      needs.affected.outputs.paths != '[]' &&
+      (github.event_name != 'workflow_run' || github.event.workflow_run.head_repository.full_name == github.repository)
     needs: affected
     runs-on: ubuntu-latest
     timeout-minutes: 120 # 2 hours hard limit
diff --git a/.github/workflows/custard-run.yaml b/.github/workflows/custard-run.yaml
index 1ad7e86cea..53041326df 100644
--- a/.github/workflows/custard-run.yaml
+++ b/.github/workflows/custard-run.yaml
@@ -102,7 +102,11 @@ jobs:
       status: failure
   test:
-    if: needs.affected.outputs.paths != '[]'
+    # Guard: workflow_run fires for fork PRs but executes with repository secrets
+    # (id-token: write / GCP WIF). Restrict credential use to same-repo runs.
+    if: |
+      needs.affected.outputs.paths != '[]' &&
+      (github.event_name != 'workflow_run' || github.event.workflow_run.head_repository.full_name == github.repository)
     needs: affected
     runs-on: ubuntu-latest
     timeout-minutes: 120 # 2 hours hard limit
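Review bot: The added comment in both custard-run-dev.yaml and custard-run.yaml says the guard "restricts credential use to same-repo runs", but the new `if` only gates the `test` job, and whether that claim holds depends on the workflow's `permissions` block and the sibling jobs (`affected`, and the job that emits `status: failure` in custard-run.yaml), all of which lie outside these hunks — please confirm none of them request the OIDC token or read a secret before `test` is reached, or narrow the comment to "Restrict this job's credential use". The guard expression itself reads correctly: for a fork-originated `workflow_run`, `head_repository.full_name` differs from `github.repository` (and is null if the fork has since been deleted), so the condition is false and the job is skipped. Note that `github.event_name != 'workflow_run'` trusts every other trigger wholesale, so the comment should state which triggers the workflow has and why those contexts are trusted, and a skipped `test` job leaves fork PRs with no test result, which is only acceptable if whatever reports status downstream handles the skipped case. As a minor style point, `if: >-` would fold the expression onto one line without the trailing newline that `|` keeps, which is the more conventional form for a multi-line job-level `if`.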