Set github workflow to minimal permissions · Issue #438 · python/importlib


2023-03-17 12:48 | Source: compiled from the web | Views: 265

@joycebrum thank you for opening this issue, it is very appreciated!

We do have CI configured to only run automatically for previous contributors, which should mitigate a significant portion of such attacks, but there's indeed no reason to have these permissions enabled. It's actually surprising that this is the default.

Currently, we only have one job that needs such permissions, the release one, but it uses an external GITHUB_TOKEN, which I am assuming only has release upload permissions; @jaraco could confirm.

I think with the implicit (probably not the best word 😅) GITHUB_TOKEN token, we don't actually need to specify a GITHUB_TOKEN, but I don't see any configuration key in the documentation you linked that is obvious to me to target releases.

Also, given that we do have a GITHUB_TOKEN secret already, do you know if it shadows the implicit one, or overwrites it? If that's the case, then we just need to make sure the token has the correct permissions, but it doesn't hurt to set the permissions settings anyway for future-proofing.
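The permissions approach discussed above, as an added illustration rather than the project's own workflow file: the `permissions` key at the top of the workflow gives every job a read-only token by default, and only the release job is granted the `contents: write` scope it needs to publish a GitHub release. The job names, the trigger condition and the release step (using the `gh` CLI that ships on GitHub-hosted runners) are assumptions made for this example.

```yaml
# Added example, not the project's real workflow. Job names, triggers and
# the release step are assumptions for illustration.
name: ci

on:
  push:
  pull_request:

# Workflow-wide default: a read-only token for every job unless a job
# explicitly asks for more. Jobs inheriting this cannot push commits,
# create tags or publish releases even if a step is compromised.
permissions:
  contents: read

jobs:
  test:
    runs-on: ubuntu-latest
    # Inherits contents: read from the workflow-level block above.
    steps:
      - uses: actions/checkout@v4
      - run: python -m pip install tox && tox

  release:
    needs: test
    # Only run when a tag is pushed (assumed release trigger).
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    # Elevate only this job: creating a release requires contents: write.
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v4
      # The automatic GITHUB_TOKEN is scoped by the permissions block above,
      # so no separately stored long-lived token is needed for this step.
      - run: gh release create "$GITHUB_REF_NAME" --generate-notes
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Setting the read-only default at workflow level (or in the repository's Actions settings) and scoping the write permission to the single job that needs it keeps the blast radius of a compromised test step limited to reading the already-public repository contents.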
