Restrict token permissions for Auto Assign PR

[irongut]

Feature Request

The Auto Assign PR workflow doesn't have GitHub token permissions specified because it uses an Action not in the StepSecurity database.

Expected Behaviour

All workflows should restrict the GitHub token permissions.

Additional Context

• StepSecurity App
• samspills/assign-pr-to-author

Linked To

#49 Implement StepSecurity Secure Workflows (audit)
#51 Implement StepSecurity Secure Workflows (policy)

[github-actions]

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this issue will be closed in 30 days.

[github-actions]

This issue was closed because it has been stale for 30 days with no activity.