yml #1

	name: Test GitHubToken Excessive Permissions
	on:
	push:
	branches:
	- main
	jobs:
	test-permissions:
	runs-on: ubuntu-latest
	# Overly broad permissions for GITHUB_TOKEN
	permissions:
	contents: write
	issues: write
	pull-requests: write
	actions: write
	checks: write
	deployments: write
	statuses: write
	packages: write
	repository-projects: write
	discussions: write
	security-events: write # This one, in particular, should raise a flag as it's typically not needed for most workflows
	steps:
	- name: Checkout code
	uses: actions/checkout@v3
	- name: Dummy Step
	run: echo "This is to test excessive token permissions"

Provide feedback