permissions: unknown

[steveoh]

It appears when a workflow uses the graphql api the permissions cannot be determined. Is that a known limitation or something coming in the future?

[JarLob]

Yes, it is documented limitation: https://github.com/GitHubSecurityLab/actions-permissions/blob/8ecfc0d800e75e5774f8eebc81b3f48f214b8ca4/monitor/README.md?plain=1#L62 Though it should be doable, just some GraphQL parser is needed.