diff --git a/.github/workflows/docker-mod-builder.yml b/.github/workflows/docker-mod-builder.yml
index f3d9139..82367fb 100644
--- a/.github/workflows/docker-mod-builder.yml
+++ b/.github/workflows/docker-mod-builder.yml
@@ -41,12 +41,15 @@ jobs:
       - name: Check Out Repo (Commit)
         uses: actions/checkout@v6
         if: ${{ github.event_name != 'pull_request_target' }}
+        with:
+          persist-credentials: false
 
       - name: Check Out Repo (PR)
         uses: actions/checkout@v6
         if: ${{ github.event_name == 'pull_request_target' }}
         with:
           ref: ${{ github.event.pull_request.head.sha }}
+          persist-credentials: false
 
       - name: Set Vars
         run: |
diff --git a/.github/workflows/init-svc-executable-permissions.yml b/.github/workflows/init-svc-executable-permissions.yml
index 6cdd2b4..ce451dc 100644
--- a/.github/workflows/init-svc-executable-permissions.yml
+++ b/.github/workflows/init-svc-executable-permissions.yml
@@ -9,6 +9,7 @@ jobs:
       - uses: actions/checkout@v6
         with:
           ref: ${{ github.event.pull_request.head.sha }}
+          persist-credentials: false
       - name: Check Permissions
         run: |
           WRONG_PERM=$(find ./  -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)