task to run trivy does not need any GitHub personal access token

pipelines/main/pipeline.yml

@@ -999,7 +999,6 @@ jobs:
           image: ci-build-image
         file: pinniped-ci/pipelines/shared-tasks/scan-image-trivy/task.yml
         params:
-          GITHUB_TOKEN: ((ci-bot-access-token-with-read-user-permission))
           <<: *trivy_ignores
         <<: *notify_on_failure
 

pipelines/pull-requests/pipeline.yml

@@ -987,7 +987,6 @@ jobs:
         input_mapping:
           image: ci-build-image
         params:
-          GITHUB_TOKEN: ((ci-bot-access-token-with-read-user-permission))
           <<: *trivy_ignores
 
   - name: integration-test-oldest

pipelines/security-scan/pipeline.yml

@@ -1,4 +1,4 @@
-# Copyright 2020-2025 the Pinniped contributors. All Rights Reserved.
+# Copyright 2020-2026 the Pinniped contributors. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
 display:
@@ -217,7 +217,6 @@ jobs:
       - task: scan
         file: pinniped-ci/pipelines/shared-tasks/scan-image-trivy/task.yml
         params:
-          GITHUB_TOKEN: ((ci-bot-access-token-with-read-user-permission))
           <<: *trivy_ignores
         input_mapping:
           image: pinniped-latest-release-image
@@ -236,7 +235,6 @@ jobs:
       - task: scan
         file: pinniped-ci/pipelines/shared-tasks/scan-image-trivy/task.yml
         params:
-          GITHUB_TOKEN: ((ci-bot-access-token-with-read-user-permission))
           <<: *trivy_ignores
         input_mapping:
           image: pinniped-latest-main-image

pipelines/shared-tasks/scan-image-trivy/task.yml

@@ -11,7 +11,6 @@ inputs:
   - name: image
 outputs:
 params:
-  GITHUB_TOKEN:
   # For format see https://trivy.dev/docs/latest/guide/configuration/filtering/#by-finding-ids
   IGNORE_VULNERABILITY_IDS: ""
 run: