Security Dashboard
Weighted posture score: permissions, scanners, supply chain, token handling, and runner hardening.
Score Distribution
200 repos · median 14.58 · 0–100 weighted posture score
| Repository | Score | Tools | Next step |
|---|---|---|---|
| argoproj/argo-cd | 77.26 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| open-telemetry/opentelemetry-collector | 72.55 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| goreleaser/goreleaser | 70 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, gitleaks/gitleaks-action, ossf/scorecard-action | Prefer GitHub App installation tokens for automation that needs write access. |
| caddyserver/caddy | 68.33 | github/codeql-action/upload-sarif, ossf/scorecard-action | Prefer GitHub App installation tokens for automation that needs write access. |
| home-assistant/core | 68.33 | github/codeql-action/analyze, github/codeql-action/init | Consider `step-security/harden-runner` for sensitive workflows. |
| Stirling-Tools/Stirling-PDF | 67.24 | github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| containerd/containerd | 61.67 | github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Prefer GitHub App installation tokens for automation that needs write access. |
| falcosecurity/falco | 61.67 | github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Prefer GitHub App installation tokens for automation that needs write access. |
| nodejs/node | 60.83 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| ohmyzsh/ohmyzsh | 58.33 | github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| immich-app/immich | 55.91 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| mermaid-js/mermaid | 54.4 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| nvm-sh/nvm | 52.5 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| n8n-io/n8n | 48.69 | aquasecurity/trivy-action, github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| electron/electron | 48.33 | github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| prometheus/prometheus | 45.83 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| facebook/react | 45 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| microsoft/TypeScript | 44.44 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| twbs/bootstrap | 44.16 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| grafana/grafana | 43.07 | aquasecurity/setup-trivy, github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| astral-sh/uv | 42 | - | Set explicit `permissions:` in every workflow. |
| moby/moby | 41.67 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| mui/material-ui | 41.67 | github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| surrealdb/surrealdb | 41.67 | github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| junegunn/fzf | 41.45 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| neovim/neovim | 40.83 | github/codeql-action/analyze, github/codeql-action/init | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| axios/axios | 40 | - | Set explicit `permissions:` in every workflow. |
| langchain-ai/langchain | 40 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| puppeteer/puppeteer | 40 | github/codeql-action/upload-sarif, ossf/scorecard-action | Prefer GitHub App installation tokens for automation that needs write access. |
| sveltejs/svelte | 40 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| anuraghazra/github-readme-stats | 39.88 | github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| astral-sh/ruff | 39.74 | - | Set explicit `permissions:` in every workflow. |
| crewAIInc/crewAI | 38.71 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| obsproject/obs-studio | 38.06 | github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| pulumi/pulumi | 37.86 | - | Set explicit `permissions:` in every workflow. |
| supabase/supabase | 37.73 | - | Set explicit `permissions:` in every workflow. |
| openclaw/openclaw | 37.12 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| gin-gonic/gin | 35.42 | aquasecurity/trivy-action, github/codeql-action/analyze, github/codeql-action/init, github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| coder/code-server | 35.12 | aquasecurity/trivy-action, github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init, github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| louislam/uptime-kuma | 34.72 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| pnpm/pnpm | 34.38 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| microsoft/promptflow | 34.37 | - | Set explicit `permissions:` in every workflow. |
| tensorflow/tensorflow | 33.33 | github/codeql-action/upload-sarif, ossf/scorecard-action | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| yt-dlp/yt-dlp | 33.33 | github/codeql-action/analyze, github/codeql-action/init | Add supply-chain controls such as SBOM generation, artifact attestation, dependency review, or cosign signing. |
| oxc-project/oxc | 33.06 | github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| mrdoob/three.js | 32.5 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| gradle/gradle | 32.08 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| angular/angular | 31.41 | github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| syncthing/syncthing | 31.11 | - | Set explicit `permissions:` in every workflow. |
| microsoft/PowerToys | 30 | - | Set explicit `permissions:` in every workflow. |
| aquasecurity/trivy | 28.33 | ./.github/actions/trivy-triage, knqyf263/trivy-issue-action | Set explicit `permissions:` in every workflow. |
| strapi/strapi | 26.82 | - | Set explicit `permissions:` in every workflow. |
| zed-industries/zed | 25.83 | - | Set explicit `permissions:` in every workflow. |
| biomejs/biome | 25.47 | - | Set explicit `permissions:` in every workflow. |
| BurntSushi/ripgrep | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| Effect-TS/effect | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| NVIDIA/NemoClaw | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| axolotl-ai-cloud/axolotl | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| d2l-ai/d2l-zh | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| django/django | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| gohugoio/hugo | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| infiniflow/ragflow | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| laravel/laravel | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| microsoft/generative-ai-for-beginners | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| pallets/flask | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| spring-projects/spring-boot | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| tailwindlabs/tailwindcss | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| tensorflow/models | 25 | - | Add at least one CI security scanner such as CodeQL, Trivy, Semgrep, Gitleaks, or Scorecard. |
| ant-design/ant-design | 24.24 | - | Set explicit `permissions:` in every workflow. |
| apache/superset | 24.04 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| chroma-core/chroma | 23.57 | - | Set explicit `permissions:` in every workflow. |
| qdrant/qdrant | 23.33 | - | Set explicit `permissions:` in every workflow. |
| microsoft/semantic-kernel | 23.21 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| google-gemini/gemini-cli | 23.15 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| python/cpython | 22.8 | github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| github/spec-kit | 22.62 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| pytorch/pytorch | 22.62 | github/codeql-action/upload-sarif, ossf/scorecard-action | Set explicit `permissions:` in every workflow. |
| openai/openai-agents-python | 22.22 | - | Set explicit `permissions:` in every workflow. |
| EbookFoundation/free-programming-books | 21.43 | - | Set explicit `permissions:` in every workflow. |
| iptv-org/iptv | 21.25 | - | Set explicit `permissions:` in every workflow. |
| vitejs/vite | 21.25 | - | Set explicit `permissions:` in every workflow. |
| vllm-project/vllm | 20.83 | - | Set explicit `permissions:` in every workflow. |
| browser-use/browser-use | 20 | - | Set explicit `permissions:` in every workflow. |
| redis/redis | 20 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| continuedev/continue | 19.17 | - | Set explicit `permissions:` in every workflow. |
| typicode/json-server | 19.17 | - | Set explicit `permissions:` in every workflow. |
| PrefectHQ/marvin | 18.75 | - | Set explicit `permissions:` in every workflow. |
| fatedier/frp | 18.75 | - | Set explicit `permissions:` in every workflow. |
| microsoft/autogen | 18.75 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| openai/codex | 18.59 | - | Set explicit `permissions:` in every workflow. |
| affaan-m/everything-claude-code | 17.86 | - | Set explicit `permissions:` in every workflow. |
| hashicorp/terraform | 17.5 | - | Set explicit `permissions:` in every workflow. |
| clash-verge-rev/clash-verge-rev | 17.31 | - | Set explicit `permissions:` in every workflow. |
| vuejs/core | 16.67 | - | Set explicit `permissions:` in every workflow. |
| lobehub/lobehub | 16.41 | - | Set explicit `permissions:` in every workflow. |
| flutter/flutter | 16.07 | - | Set explicit `permissions:` in every workflow. |
| microsoft/vscode | 15.38 | - | Set explicit `permissions:` in every workflow. |
| langflow-ai/langflow | 15.36 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| pingcap/tidb | 15 | - | Set explicit `permissions:` in every workflow. |
| realworld-apps/realworld | 14.58 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| kserve/kserve | 14.42 | github/codeql-action/upload-sarif, securego/gosec, snyk/actions/docker | Set explicit `permissions:` in every workflow. |
| pydantic/pydantic-ai | 14.29 | - | Set explicit `permissions:` in every workflow. |
| lancedb/lancedb | 14.02 | - | Set explicit `permissions:` in every workflow. |
| PaddlePaddle/PaddleOCR | 13.89 | - | Set explicit `permissions:` in every workflow. |
| langgenius/dify | 13.64 | - | Set explicit `permissions:` in every workflow. |
| netdata/netdata | 13.64 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| weaviate/weaviate | 13.55 | github/codeql-action/upload-sarif | Set explicit `permissions:` in every workflow. |
| vercel/turborepo | 13.46 | - | Set explicit `permissions:` in every workflow. |
| Significant-Gravitas/AutoGPT | 13.33 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| microsoft/ML-For-Beginners | 13.33 | - | Set explicit `permissions:` in every workflow. |
| anthropics/claude-code | 12.5 | - | Set explicit `permissions:` in every workflow. |
| bentoml/BentoML | 12.5 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| elastic/elasticsearch | 12.5 | - | Set explicit `permissions:` in every workflow. |
| freeCodeCamp/freeCodeCamp | 12.5 | - | Set explicit `permissions:` in every workflow. |
| guidance-ai/guidance | 12.5 | - | Set explicit `permissions:` in every workflow. |
| hoppscotch/hoppscotch | 12.5 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| iluwatar/java-design-patterns | 12.5 | - | Set explicit `permissions:` in every workflow. |
| meta-pytorch/torchtune | 12.5 | - | Set explicit `permissions:` in every workflow. |
| rust-lang/rust | 12.5 | - | Set explicit `permissions:` in every workflow. |
| triton-inference-server/server | 12.5 | github/codeql-action/analyze, github/codeql-action/autobuild, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| storybookjs/storybook | 11.67 | - | Set explicit `permissions:` in every workflow. |
| laravel/framework | 11.36 | - | Set explicit `permissions:` in every workflow. |
| mudler/LocalAI | 11.11 | github/codeql-action/upload-sarif, securego/gosec | Set explicit `permissions:` in every workflow. |
| TabbyML/tabby | 10.94 | - | Set explicit `permissions:` in every workflow. |
| ChatGPTNextWeb/NextChat | 10.71 | - | Set explicit `permissions:` in every workflow. |
| vercel/next.js | 10.46 | - | Set explicit `permissions:` in every workflow. |
| microsoft/playwright | 10.28 | - | Set explicit `permissions:` in every workflow. |
| danny-avila/LibreChat | 10.24 | - | Set explicit `permissions:` in every workflow. |
| anomalyco/opencode | 10.16 | - | Set explicit `permissions:` in every workflow. |
| dottxt-ai/outlines | 10 | - | Set explicit `permissions:` in every workflow. |
| honojs/hono | 10 | - | Set explicit `permissions:` in every workflow. |
| cockroachdb/cockroach | 9.77 | - | Set explicit `permissions:` in every workflow. |
| Mintplex-Labs/anything-llm | 9.45 | - | Set explicit `permissions:` in every workflow. |
| vibrantlabsai/ragas | 9.38 | - | Set explicit `permissions:` in every workflow. |
| deepspeedai/DeepSpeed | 9.26 | - | Set explicit `permissions:` in every workflow. |
| jesseduffield/lazygit | 8.33 | - | Set explicit `permissions:` in every workflow. |
| microsoft/terminal | 8.33 | - | Set explicit `permissions:` in every workflow. |
| tesseract-ocr/tesseract | 8.33 | github/codeql-action/analyze, github/codeql-action/init | Set explicit `permissions:` in every workflow. |
| NVIDIA/Megatron-LM | 8.06 | - | Set explicit `permissions:` in every workflow. |
| sgl-project/sglang | 7.69 | - | Set explicit `permissions:` in every workflow. |
| shadcn-ui/ui | 7.14 | - | Set explicit `permissions:` in every workflow. |
| facebook/react-native | 6.82 | - | Set explicit `permissions:` in every workflow. |
| Chalarangelo/30-seconds-of-code | 6.25 | - | Set explicit `permissions:` in every workflow. |
| NVIDIA/TensorRT-LLM | 6.25 | - | Set explicit `permissions:` in every workflow. |
| SWE-agent/SWE-agent | 6.25 | - | Set explicit `permissions:` in every workflow. |
| agno-agi/agno | 6.25 | - | Set explicit `permissions:` in every workflow. |
| unionlabs/union | 6.25 | - | Set explicit `permissions:` in every workflow. |
| krahets/hello-algo | 5.77 | - | Set explicit `permissions:` in every workflow. |
| fastapi/fastapi | 5.26 | - | Set explicit `permissions:` in every workflow. |
| InternLM/lmdeploy | 5 | - | Set explicit `permissions:` in every workflow. |
| f/prompts.chat | 5 | - | Set explicit `permissions:` in every workflow. |
| guardrails-ai/guardrails | 5 | - | Set explicit `permissions:` in every workflow. |
| microsoft/Web-Dev-For-Beginners | 5 | - | Set explicit `permissions:` in every workflow. |
| 2dust/v2rayN | 4.17 | - | Set explicit `permissions:` in every workflow. |
| TheAlgorithms/Python | 4.17 | - | Set explicit `permissions:` in every workflow. |
| hiyouga/LlamaFactory | 3.57 | - | Set explicit `permissions:` in every workflow. |
| invoke-ai/InvokeAI | 3.57 | - | Set explicit `permissions:` in every workflow. |
| 567-labs/instructor | 3.12 | - | Set explicit `permissions:` in every workflow. |
| huggingface/transformers | 2.83 | - | Set explicit `permissions:` in every workflow. |
| Aider-AI/aider | 2.5 | - | Set explicit `permissions:` in every workflow. |
| denoland/deno | 2.5 | - | Set explicit `permissions:` in every workflow. |
| rustdesk/rustdesk | 2.5 | - | Set explicit `permissions:` in every workflow. |
| Comfy-Org/ComfyUI | 2.38 | - | Set explicit `permissions:` in every workflow. |
| tauri-apps/tauri | 2.38 | - | Set explicit `permissions:` in every workflow. |
| deepset-ai/haystack | 2 | - | Set explicit `permissions:` in every workflow. |
| ggml-org/llama.cpp | 1.52 | - | Set explicit `permissions:` in every workflow. |
| oven-sh/bun | 1 | - | Set explicit `permissions:` in every workflow. |
| milvus-io/milvus | 0.83 | - | Set explicit `permissions:` in every workflow. |
| expo/expo | 0.62 | - | Set explicit `permissions:` in every workflow. |
| 3b1b/manim | 0 | - | Set explicit `permissions:` in every workflow. |
| AUTOMATIC1111/stable-diffusion-webui | 0 | - | Set explicit `permissions:` in every workflow. |
| Alliedium/awesome-github-actions | 0 | - | Set explicit `permissions:` in every workflow. |
| EleutherAI/lm-evaluation-harness | 0 | - | Set explicit `permissions:` in every workflow. |
| FoundationAgents/MetaGPT | 0 | - | Set explicit `permissions:` in every workflow. |
| airbnb/javascript | 0 | - | Set explicit `permissions:` in every workflow. |
| d3/d3 | 0 | - | Set explicit `permissions:` in every workflow. |
| dair-ai/Prompt-Engineering-Guide | 0 | - | Set explicit `permissions:` in every workflow. |
| doocs/advanced-java | 0 | - | Set explicit `permissions:` in every workflow. |
| excalidraw/excalidraw | 0 | - | Set explicit `permissions:` in every workflow. |
| facebook/create-react-app | 0 | - | Set explicit `permissions:` in every workflow. |
| firecrawl/firecrawl | 0 | - | Set explicit `permissions:` in every workflow. |
| godotengine/godot | 0 | - | Set explicit `permissions:` in every workflow. |
| janhq/jan | 0 | - | Set explicit `permissions:` in every workflow. |
| kamranahmedse/developer-roadmap | 0 | - | Set explicit `permissions:` in every workflow. |
| localsend/localsend | 0 | - | Set explicit `permissions:` in every workflow. |
| microsoft/markitdown | 0 | - | Set explicit `permissions:` in every workflow. |
| modelcontextprotocol/servers | 0 | - | Set explicit `permissions:` in every workflow. |
| nomic-ai/gpt4all | 0 | - | Set explicit `permissions:` in every workflow. |
| ocornut/imgui | 0 | - | Set explicit `permissions:` in every workflow. |
| ollama/ollama | 0 | - | Set explicit `permissions:` in every workflow. |
| open-webui/open-webui | 0 | - | Set explicit `permissions:` in every workflow. |
| openai/openai-cookbook | 0 | - | Set explicit `permissions:` in every workflow. |
| openai/whisper | 0 | - | Set explicit `permissions:` in every workflow. |
| opencv/opencv | 0 | - | Set explicit `permissions:` in every workflow. |
| rasbt/LLMs-from-scratch | 0 | - | Set explicit `permissions:` in every workflow. |
| ray-project/ray | 0 | - | Set explicit `permissions:` in every workflow. |
| sherlock-project/sherlock | 0 | - | Set explicit `permissions:` in every workflow. |
| stanfordnlp/dspy | 0 | - | Set explicit `permissions:` in every workflow. |
| ventoy/Ventoy | 0 | - | Set explicit `permissions:` in every workflow. |
| vuejs/vue | 0 | - | Set explicit `permissions:` in every workflow. |