This App enables advanced scenarios for the StepSecurity Platform, e.g.

1. Analysis of private GitHub Actions
2. Creation of GitHub issues and pull requests for Action misconfigurations, e.g. over-privileged GitHub token permissions
3. Integration with GitHub Advanced Security
4. Enforce Workflow Runs Policies to block workflow runs that do not meet organization policies

It needs the following permissions:

1. Administration Read: To check branch protection of private Actions
2. Contents Write: To evaluate score for private Actions and fixes for Action misconfigurations
3. Pull Requests Write: To evaluate score for private Actions and fix GitHub Actions workflows
4. Issues Write: To create issues to recommend fixes for Action misconfigurations
5. Code Scanning Alerts Write: To create GitHub Advanced Security findings to recommend fixes for Action misconfigurations
6. Actions Write: To cancel workflow runs that do not meet organization policies.

This App should only be installed after the https://github.com/apps/stepsecurity-actions-security App