Maybe I'm missing something but although Atlantis seems great, you have to expose a webhook to the open internet that points to a service that has full admin access to your infra. If an attacker finds a security issue with Atlantis and decides to abuse it, you've basically given them admin access. For that exact reason Atlantis a prime target for vulnerability exploitation
You can put it behind something like cloudflare and make the url something that can't be guessed, but yeah it is not the best. I really wish github would publish a list of IPs it calls from.
Although I was really excited at first as I kept diving deeper in the topic I grew a healthy dose of skepticism for the LK-99 superconductivity claim. The below article[1] has an interesting take on the matter.
