This App enables advanced scenarios for the StepSecurity Platform, e.g.

1. Analysis of private GitHub Actions
2. Creation of GitHub issues and pull requests for Action misconfigurations, e.g. over-privileged GitHub token permissions
3. Integration with GitHub Advanced Security
4. Enforce Workflow Runs Policies to block workflow runs that do not meet organization policies

It needs the following permissions:

1. Administration Read: To show what GitHub Apps and PATs have access, and check branch protection
2. Contents Write: To evaluate score for private Actions and fixes for Action misconfigurations
3. Pull Requests Write: To evaluate score for private Actions and fix GitHub Actions workflows
4. Issues Write: To create issues to recommend fixes for Action misconfigurations
5. Code Scanning Alerts Write: To create GitHub Advanced Security findings to recommend fixes for Action misconfigurations
6. Actions Write: To cancel workflow runs that do not meet organization policies.
7. Personal Access Tokens Read: To show what fine-grained PATs have access to the org.

This App should only be installed after the https://github.com/apps/stepsecurity-actions-security App