asyncapi · asyncapi-bot · Jun 19, 2026
@@ -4,9 +4,9 @@
 name: Welcome first time contributors
 
 on:
-  pull_request:
-    types: 
-      - opened
+  pull_request_target:      # Needed to write welcome comments on fork PRs; script only uses the GitHub API.
+    types:
+      - opened              # zizmor: ignore[dangerous-triggers]
   issues:
     types:
       - opened
@@ -18,7 +18,7 @@
 jobs:
  welcome:
    name: Post welcome message
    if: ${{ !contains(fromJson('["asyncapi-bot", "dependabot[bot]", "dependabot-preview[bot]", "allcontributors[bot]"]'), github.actor) }} # zizmor: ignore[obfuscation]
    runs-on: ubuntu-latest
    permissions:
      contents: read            # Required to read repository data for checking if it's the user's first contribution