🔥 3-day streak
GitHub Enterprise Administrator (GH-100)3 / 79
Question 3 of 79

An enterprise owner notices that a compromised third-party action in one repository was able to push commits and create releases using the automatically generated GITHUB_TOKEN. They want to reduce the blast radius of the default token across all organizations without breaking existing workflows that explicitly request the permissions they need. Which enterprise-level setting should they configure?

Reviewed for accuracy · Report an issueNext question