diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 15b7950..3674e94 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,5 +1,10 @@
 name: CI
+permissions:
+ contents: read
+ checks: write
+ pull-requests: write
+
 on:
 push:
 branches: [ main, develop ]
@@ -10,6 +15,10 @@ jobs:
 build:
 name: Build and Test
 runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ checks: write
+ pull-requests: write
 strategy:
 matrix:
@@ -65,6 +74,8 @@ jobs:
 code-quality:
 name: Code Quality Checks
 runs-on: ubuntu-latest
+ permissions:
+ contents: read
 steps:
 - name: Checkout code
@@ -100,6 +111,8 @@ jobs:
 dependency-check:
 name: Dependency Security Scan
 runs-on: ubuntu-latest
+ permissions:
+ contents: read
 steps:
 - name: Checkout code
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b6618d6..fea6131 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,5 +1,8 @@
 name: Release
+permissions:
+ contents: write
+
 on:
 push:
 tags:
@@ -9,6 +12,8 @@ jobs:
 release:
 name: Create Release
 runs-on: ubuntu-latest
+ permissions:
+ contents: write
 steps:
 - name: Checkout code
@@ -83,6 +88,8 @@ jobs:
 runs-on: ubuntu-latest
 needs: release
 if: github.repository_owner == 'yourusername' # Replace with your GitHub username
+ permissions:
+ contents: read
 steps:
 - name: Checkout code
@@ -110,6 +117,8 @@ jobs:
 name: Publish Javadoc to GitHub Pages
 runs-on: ubuntu-latest
 needs: release
+ permissions:
+ contents: write
 steps:
 - name: Checkout code
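Review bot: The workflow-level `permissions` block added at the top of ci.yml makes `checks: write` and `pull-requests: write` the default for every job, although only `build` asks for those scopes and it now declares them itself. Any job without its own block inherits the write scopes (the full job list is not visible in these hunks), so the top level should be the floor, with `contents: read` as its only entry. The same applies to the top-level `contents: write` in release.yml (`@@ -1,5 +1,8 @@`): set the default to `contents: read` and leave write on the `release` and Javadoc jobs, which already declare it.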
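Review bot: Once a job declares `permissions`, every scope it does not list is set to none, so the `contents: read` block on `dependency-check` (`@@ -100,6 +111,8 @@`) also removes anything the scan steps relied on. The steps are outside the hunk; if they upload SARIF results to code scanning, the job also needs `security-events: write`. The same check applies to the publish job in release.yml (`@@ -83,6 +88,8 @@`), which would need `packages: write` if it publishes to GitHub Packages with the workflow token. A short comment beside each block naming the step that needs each scope, e.g. `# contents: read - checkout only`, would make later audits easier.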