Worked on enhancing security and governance for CI workflows in the openfga/openfga repository by delivering a top-level permission setting for the Pull Request Analyzer workflow. Focused on reducing risk in pull request processing through granular access control, the work centered on permission modeling and secure workflow configuration using YAML and GitHub Actions. Collaborated closely with another engineer to co-author the change, emphasizing cross-team coordination and PR-based delivery. The update positioned the repository for improved audit readiness by establishing clearer permission boundaries and a secure-by-default approach, laying a more robust foundation for future automation and scalable workflow governance within CI/CD pipelines.