From 8b7e2a634c729ea0e0bc74cf0df860e70bcd7a13 Mon Sep 17 00:00:00 2001
From: StepSecurity Bot <bot@stepsecurity.io>
Date: Mon, 3 Mar 2025 16:52:50 +0000
Subject: [PATCH] [StepSecurity] ci: Harden GitHub Actions

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
---
 .github/workflows/runs-on.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/runs-on.yml b/.github/workflows/runs-on.yml
index 319b915..a233b74 100644
--- a/.github/workflows/runs-on.yml
+++ b/.github/workflows/runs-on.yml
@@ -3,6 +3,9 @@ name: RunsOn Tests
 on: 
   workflow_dispatch:
 
+permissions:
+  contents: read
+
 jobs:
   test-host-outbound:
     runs-on: