Skip to content

Document minimum required token permissions #10

Open
Open
Document minimum required token permissions#10
Labels
documentationImprovements or additions to documentationsecuritySecurity-related improvements
@ChrisJBurns

Description

@ChrisJBurns
ChrisJBurns
opened on Jan 15, 2026

Summary

Document the minimum required GitHub token permissions for using this action.

Background

From the security threat model (T5: Token Exposure), users should understand exactly what permissions are needed to reduce blast radius if credentials are compromised.

Acceptance Criteria

  • Add a section to README.md documenting minimum token permissions
  • Include example workflow snippet with explicit permissions block
  • Explain the purpose of each permission:
    • contents: write - Create branches and commits
    • pull-requests: write - Create pull requests
    • issues: write - Add labels to PRs (optional)
  • Recommend fine-grained PATs or GitHub App tokens over GITHUB_TOKEN where possible

Priority

High - Security documentation

Related

  • SECURITY.md threat model (T5)

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentationsecuritySecurity-related improvements

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions