formprotection confuses QuickForm due to use of "action" in the $_REQUEST

I was wondering what the purpose of setting this hidden variable using the name "action" is? I tried to experimentally change it to g-action which seemed to work with some very initial testing.

I'm asking because I discovered a problem with a site using a contribution page, with a profile that had the recaptcha checkbox checked, a PCP page attached to it, and the authorize payment processor. The regular contribution page contributions seemed to go through ok. But the PCP contribution failed with the error:

Cannot determine api action for CRM_Contribute_Form_Contribution_Main. CRM_Core_Action "NO DESCRIPTION SET" not recognized.

I traced the problem to CRM/Contribute/Form/ContributionBase.php - in the preProcess function where it calls:

$this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'add');

At this point, $this->_action is set to "validate_recaptcha" which is not what QuickForm is expecting.

I perused the code a bit and I'm not even sure that hidden action field is used or necessary?