align AI instructions with upstream
some updates coming from ongoing work
This commit is contained in:
Frank
2
.github/cicd.instructions.md
vendored
2
.github/cicd.instructions.md
vendored
@@ -71,6 +71,8 @@ schedule:
|
||||
|
||||
## Security
|
||||
|
||||
Important: Several current workflows still violate parts of the baseline below - migration is in progress.
|
||||
|
||||
### Permissions — Least Privilege
|
||||
|
||||
Declare explicit `permissions:` blocks. The default token permissions are broad; scope them to the minimum required:
|
||||
|
||||
Reference in New Issue
Block a user