Use fine-grained permissions?
GitHub Actions tokens (GITHUB_TOKEN) should have minimal scopes:
permissions:
  contents: read
  deployments: write
  packages: read
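As an added example (not from the original page), the same three scopes are shown here in a complete workflow that denies everything at the workflow level and grants scopes per job. The workflow name, job names and script paths are hypothetical placeholders.

```yaml
# Added example: hypothetical workflow; names and script paths are placeholders.
name: deploy
on:
  push:
    branches: [main]

# Workflow-level default: GITHUB_TOKEN gets no scopes unless a job grants them.
permissions: {}

jobs:
  build:
    runs-on: ubuntu-latest
    # Read-only job: can fetch source and pull packages, nothing else.
    permissions:
      contents: read
      packages: read
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/build.sh   # placeholder build step

  deploy:
    needs: build
    runs-on: ubuntu-latest
    # Only this job can create deployments. A job-level block replaces the
    # workflow-level one, and any scope not listed here is set to none.
    permissions:
      contents: read
      deployments: write
      packages: read
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/deploy.sh  # placeholder deploy step
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Splitting the grant this way means a compromised build step holds a token that cannot write to the repository or create deployments.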