Security is all of our responsabilities. If you spot something suspicious or see a known vulnerability in one of our repositories, please report it directly to #security on Slack.
All repositories in the GitHub org must make use of the standard suite of security and maintainability checks developed and maintained by the Security and Developer Platform teams.
The easiest way to do this is to make use of the shared workflows that have these checks baked in. Details of those can be found in brandwatch/bw-workflow-actions.
For help and support implementing these workflows, please contact the #dev-platform channel on Slack.