slsa-github-generator
[feature][byob] Remove private inputs from provenance
We had an issue about it, but I could not find it so I'm creating this new one.
We need to mask private fields of GH context for privacy reasons: username, etc. Or, alternatively, we don't record the entire context since only a few triggers are meant to be supported by v1.0 and we can record each event's specific information instead. Note: removing the GH context has implications for branch / tag verification, so the logic would need to change.