Most of the ORES-related functionality in the action API was disabled in https://gerrit.wikimedia.org/r/#/c/336213/ due to T157206. Given that that issue was caused by excessive requests from a single client, the client has been silent for a long time, and disabling the API doesn't really do anything to prevent abuse (the same requests could still be done directly to the ORES API), there is no reason to keep the API disabled.
Mitigation of similar events in the future is tracked in T148997 and T137962, but given that those need to be done in the ORES API, and the action API is just one possible way to call the ORES API, it doesn't really make sense to block reenabling on that.
(Some mitigation also happened in T157983.)