Comment by goyozi

Not saying it’s good but I think it’s quite common for devs to have read only access to everything. I suspect that with all the recent news, including this, the needle might start to shift a bit.

I think it’s actually non-trivial to determine how many repos you should have read-only access to. I frequently hop through multiple repos that I don’t contribute to, just to understand how the system is architected and what it does at different stages. We even have an internal Claude skill for finding relevant repo for a given problem which relies on personal gh access (via CLI). It _can_ be done more securely but those defaults built over many years will take time to change.