GitHub Actions Workflows can provide a great abstraction layer for creating or orchestrating build and release processes. Since we're running code -- in some cases, from third-parties -- it's important to understand how to secure the environment from malicious Actions. This is where permissions can help.