diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index d00baa0..7629686 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,13 +1,14 @@
 on:
 push:
-permissions:
- contents: write
- pull-requests: write
+permissions: read-all
 name: Publish release
 jobs:
 update-action-references:
+ permissions:
+ contents: write
+ pull-requests: write
 runs-on: ubuntu-latest
 steps:
 - name: Check-out source code
@@ -29,6 +30,9 @@ jobs:
 release:
 if: github.ref == 'refs/heads/main'
+ permissions:
+ contents: write
+ pull-requests: write
 runs-on: ubuntu-latest
 needs: update-action-references
 steps:
diff --git a/.github/workflows/update-repo-docs.yml b/.github/workflows/update-repo-docs.yml
index 3706cb9..6549196 100644
--- a/.github/workflows/update-repo-docs.yml
+++ b/.github/workflows/update-repo-docs.yml
@@ -10,4 +10,6 @@ on:
 jobs:
 update-repo-docs:
+ permissions:
+ contents: write
 uses: fortify/shared-doc-resources/.github/workflows/update-repo-docs.yml@main
\ No newline at end of file
diff --git a/action.yml b/action.yml
index e68fdb4..d474a9d 100644
--- a/action.yml
+++ b/action.yml
@@ -20,7 +20,7 @@ runs:
 - name: Set Fortify data directory
 run: echo "FORTIFY_DATA_DIR=${{ runner.temp }}/fortify-data" >> $GITHUB_ENV
 shell: bash
-- - uses: fortify/github-action/setup@main
+ - uses: fortify/github-action/setup@mjain6/review-github-actions-vulnerabilities
 with:
 fcli: bootstrapped
 export-path: false
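Review bot: In `.github/workflows/publish.yml`, the new workflow-level default `permissions: read-all` is wider than the visible jobs need, because it still gives read access on every token scope to any job that has no block of its own. Both jobs shown in this file (`update-action-references` in the first hunk, `release` in the second) now declare job-level permissions, and a job-level block replaces the default entirely, so `permissions: {}` or a default limited to `contents: read` would be a tighter baseline. The job steps lie outside both hunks, so it cannot be confirmed here that each job needs `pull-requests: write` in addition to `contents: write`. A one-line comment above each block naming the step that requires each scope would make the grants auditable.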
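Review bot: In `.github/workflows/update-repo-docs.yml`, the `contents: write` grant added to the `update-repo-docs` job is passed to a reusable workflow that is referenced by a mutable branch ref, `uses: fortify/shared-doc-resources/.github/workflows/update-repo-docs.yml@main`. Whatever is on that branch at run time executes with write access to this repository's contents. Pinning the call to a reviewed revision, `uses: fortify/shared-doc-resources/.github/workflows/update-repo-docs.yml@<full-commit-sha>`, would keep the granted scope tied to known code. If tracking `main` is deliberate, a comment above the `uses:` line stating that trust decision would help later reviewers.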
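Review bot: In `action.yml`, the inner step now resolves `fortify/github-action/setup@mjain6/review-github-actions-vulnerabilities`, a feature-branch ref that can move and that stops resolving once the branch is deleted. If this line is rewritten automatically by the `update-action-references` job seen in `publish.yml`, that is presumably expected on a working branch, but it is worth confirming the reference is rewritten again before the change reaches `main`. A release tag or full commit SHA on this nested `uses:` would stop the setup action from changing underneath consumers who pin the composite action. The `runs:` block starts and ends outside the hunk.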