Security: Figure out if there is an audit trail for actions triggered by a Github runner token

[ChristianKuehnel]

based on the discussion in #66: Is there an audit trail for actions on Github triggered via a stolen Github runner token? Can we somehow figure out what an attacker has done with that token?

[badenh]

There is an audit log function on Github Enterprise that allows per token action tracing. I don't think it's available on the non-ent version, which in some ways seems strange. I have access to both types of environments, if it's still relevant I can look into it.