[plan] Address default permissions on risky events in ai-moderator workflow

[github-actions]

Objective

Fix the poutine supply chain security warning about default permissions on risky events in ai-moderator.lock.yml.

Context

From discussion #15009 - Poutine identified 1 remaining workflow with default_permissions_on_risky_events warning. This is a significant improvement from 14 workflows on Feb 9 to just 1 currently.

Poutine Finding:

• Severity: Warning
• Issue: default_permissions_on_risky_events
• Affected: ai-moderator.lock.yml
• Risk: Workflow has default (elevated) permissions on potentially risky event triggers

Approach

1. Review ai-moderator.lock.yml to identify:

   • Current permissions configuration
   • Event triggers that may be risky (e.g., pull_request_target, issue_comment, workflow_run)

2. Check the source .md workflow for permissions frontmatter:

   permissions:
     contents: read
     issues: write
     # etc.

3. Apply principle of least privilege:

   • Explicitly define minimal required permissions
   • Use read-only permissions where possible
   • Grant write permissions only where necessary

4. Update the workflow source with explicit permissions

5. Recompile with make recompile

6. Verify with poutine or similar supply chain analysis tool

Files to Modify

• .github/workflows/ai-moderator.md (source workflow)
• .github/workflows/ai-moderator.lock.yml (will be regenerated)

Acceptance Criteria

• Explicit permissions defined in workflow frontmatter
• Permissions follow principle of least privilege
• default_permissions_on_risky_events warning eliminated
• Workflow recompiled successfully
• Workflow still functions correctly with new permissions
• Security posture maintained or improved

AI generated by Plan Command for discussion #15009

• expires on Feb 14, 2026, 1:28 AM UTC