From ac7e893896f9695f5a3fba85dae9269e6745177a Mon Sep 17 00:00:00 2001
From: Nikita Pivkin <nikita.pivkin@smartforce.io>
Date: Thu, 18 Jun 2026 15:40:47 +0600
Subject: [PATCH 1/2] ci: use built-in GITHUB_TOKEN for source repo checkouts

---
 .github/workflows/cron.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml
index 973e5ec..74316c9 100644
--- a/.github/workflows/cron.yml
+++ b/.github/workflows/cron.yml
@@ -40,21 +40,21 @@ jobs:
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/vuln-list
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/vuln-list
 
       - name: Checkout public vuln-list-nvd-repo
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/vuln-list-nvd
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/vuln-list-nvd
 
       - name: Checkout public vuln-list-redhat-repo
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/vuln-list-redhat
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           sparse-checkout: |
             api
           path: avd-repo/vuln-list-redhat
@@ -63,28 +63,28 @@ jobs:
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/cloud-security-remediation-guides
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/remediations-repo
 
       - name: Checkout public cloudsploit-repo
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/cloudsploit
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/cloudsploit-repo
 
       - name: Checkout public trivy-policies-repo
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/trivy-policies
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/trivy-policies-repo
 
       - name: Checkout public chain-bench-repo
         uses: actions/checkout@v3
         with:
           repository: aquasecurity/chain-bench
-          token: ${{ secrets.ORG_REPO_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/chain-bench-repo
 
       - name: Build generator

From 8a3705536acd00972d4c841d7ff15b3bba205e9e Mon Sep 17 00:00:00 2001
From: Nikita Pivkin <nikita.pivkin@smartforce.io>
Date: Thu, 18 Jun 2026 18:08:56 +0600
Subject: [PATCH 2/2] chore: rename trivy-policies to trivy-checks

---
 .github/workflows/cron.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml
index 74316c9..1692a84 100644
--- a/.github/workflows/cron.yml
+++ b/.github/workflows/cron.yml
@@ -73,10 +73,10 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/cloudsploit-repo
 
-      - name: Checkout public trivy-policies-repo
+      - name: Checkout public trivy-checks-repo
         uses: actions/checkout@v3
         with:
-          repository: aquasecurity/trivy-policies
+          repository: aquasecurity/trivy-checks
           token: ${{ secrets.GITHUB_TOKEN }}
           path: avd-repo/trivy-policies-repo