secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard

Published 20 hours ago verified publisher icon step-security

[KB] Add GitHub token permissions for EndBug/add-and-commit Action

Open step-security-bot opened this issue 2 years ago • 2 comments

Knowledge Base is missing for EndBug/add-and-commit.

step-security-bot avatar Oct 11 '22 04:10 step-security-bot

Analysis

Action Name: EndBug/add-and-commit
Action Type: Node
GITHUB_TOKEN Matches: token,github_token,GITHUB_TOKEN,Token
Top language: TypeScript
Stars: 649
Private: false
Forks: 83

Endpoints Found

Endpoint Permission

FollowUp Links.

https://github.com/EndBug/add-and-commit/blob/f7edecabb7989ef65f99a2af28bc3e03beb45dc5/src/io.ts

action-security.yml

name: Add & Commit
github-token:
  action-input:
    input: token
    is-default: true
  permissions:

step-security-bot avatar Oct 11 '22 04:10 step-security-bot

I have taken this issue

vandana41 avatar Oct 11 '22 11:10 vandana41