
GitHub Permission Usage Auditor That Says Which Org Owners Actually Use the Power

dev tool weekend hack • single request

Permission sprawl on GitHub orgs is universal: a small team has 30+ org owners because granting 'Owner' was easier than learning the delegated permission model. Existing audit tools enumerate who has what — none correlate the audit log to ask 'who has owner power but only ever uses it for repo creation?' so you can demote 25 people without breaking a workflow.

builder note

Ship as a CLI plus a one-off SaaS report. Pull 90 days of org audit log, classify every action taken by an owner by whether a lesser grant would have sufficed (org Member, a repository Admin/Maintain role, or a custom organization role; GitHub has no org-level "Maintainer" role), and produce a 'demote these N people, keep these M' PR. Caveat worth surfacing in the report: the audit log only proves use, so an owner with zero owner-scoped events in 90 days is a demotion candidate, not a proven-safe demotion; quarterly or break-glass actions fall outside the window. Free up to one org, paid above.
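A minimal version of the classifier described above, as an added example rather than code from the page or any shipped tool. It assumes audit-log events in GitHub's JSON shape (`action`, `actor`, `created_at`), a constructed sample of five owners, and an illustrative owner-only/lesser-OK action mapping that must be checked against GitHub's audit-log action reference and the org's own settings (for example `repo.create` is only "lesser" if members may create repositories). Unmapped actions are routed to a human review bucket instead of being silently treated as safe.

```python
"""Added example: bucket 90 days of GitHub org audit-log events per owner
and recommend demote / keep / review. Not the page's or any vendor's code."""
import json
from datetime import datetime, timedelta, timezone

# ASSUMPTION: illustrative mapping of audit-log actions that need org Owner.
# Verify against GitHub's audit-log action reference before trusting it.
OWNER_ONLY = {
    "org.add_member", "org.remove_member", "org.update_member",
    "org.update_default_repository_permission", "org.add_billing_manager",
    "org.oauth_app_access_approved", "integration_installation.create",
    "hook.create", "hook.destroy",
}
# ASSUMPTION: actions a Member with repo-level Admin/Maintain can perform.
# repo.create presumes "members can create repositories" is enabled.
LESSER_OK = {
    "repo.create", "repo.add_member", "team.add_member",
    "protected_branch.create", "repo.change_merge_setting",
}

# Constructed sample, JSON lines in the audit-log field layout (hypothetical users).
SAMPLE_EVENTS = """
{"action": "org.add_member", "actor": "alice", "created_at": "2026-04-01T10:00:00Z"}
{"action": "repo.create", "actor": "bob", "created_at": "2026-03-02T09:00:00Z"}
{"action": "repo.create", "actor": "bob", "created_at": "2026-03-20T09:00:00Z"}
{"action": "org.update_member", "actor": "dave", "created_at": "2025-12-01T08:00:00Z"}
{"action": "repo.create", "actor": "dave", "created_at": "2026-04-10T08:00:00Z"}
{"action": "org.update_member_repository_creation_permission", "actor": "erin", "created_at": "2026-04-11T08:00:00Z"}
{"action": "org.add_member", "actor": "mallory", "created_at": "2026-04-12T08:00:00Z"}
"""
SAMPLE_OWNERS = ["alice", "bob", "carol", "dave", "erin"]  # carol: no events at all
SAMPLE_NOW = datetime(2026, 4, 24, tzinfo=timezone.utc)


def classify_action(action: str) -> str:
    """Return 'owner', 'lesser', or 'unknown' (unmapped -> human review)."""
    if action in OWNER_ONLY:
        return "owner"
    if action in LESSER_OK:
        return "lesser"
    return "unknown"


def parse_events(text: str) -> list:
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def summarize(events, owners, now, window_days=90) -> dict:
    """Per owner: action counts by class inside the window, last owner-only use."""
    since = now - timedelta(days=window_days)
    stats = {o: {"owner": 0, "lesser": 0, "unknown": 0, "last_owner_action": None}
             for o in owners}
    for ev in events:
        actor = ev.get("actor")
        if actor not in stats:
            continue  # non-owners are out of scope for demotion
        ts = datetime.fromisoformat(ev["created_at"].replace("Z", "+00:00"))
        if ts < since:
            continue  # outside the 90-day window: treated as no evidence of use
        kind = classify_action(ev["action"])
        stats[actor][kind] += 1
        if kind == "owner":
            last = stats[actor]["last_owner_action"]
            if last is None or ts > last:
                stats[actor]["last_owner_action"] = ts
    return stats


def recommend(stats: dict) -> dict:
    """Owner-only use -> keep; unmapped use -> review; lesser-only or dormant -> demote."""
    out = {"keep": [], "demote": [], "review": []}
    for actor, s in sorted(stats.items()):
        if s["owner"] > 0:
            out["keep"].append(actor)
        elif s["unknown"] > 0:
            out["review"].append(actor)
        else:
            out["demote"].append(actor)
    return out


def report(text=SAMPLE_EVENTS, owners=SAMPLE_OWNERS, now=SAMPLE_NOW) -> dict:
    return recommend(summarize(parse_events(text), owners, now))


if __name__ == "__main__":
    print(json.dumps(report(), indent=2))
```

In the constructed sample, dave's only owner-scoped action is older than 90 days, so he lands in "demote" with a note worth surfacing in the real report; erin used an action the mapping does not cover and is routed to "review" rather than being demoted on a guess.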

landscape (4 existing solutions)

The audit tooling answers 'who has access' but not 'who used the access they have'. A purpose-built GitHub permission usage analyzer with a 'safe to demote' recommender is missing at the SMB price point.

GitHub native audit log: raw events with no usage-vs-permission diff and no recommendation engine.
genuinetools/audit: archived, snapshot-style enumeration of collaborators and hooks. No 'last used' analysis.
scality/ghaudit: compliance posture checks, not least-privilege right-sizing.
Apono / Teleport / ConductorOne: JIT access platforms priced and packaged for enterprise IAM, not for 'fix our 30 GitHub owners' as a one-time job.

sources (1)

reddit https://www.reddit.com/r/devops/comments/1sucqeo/we_have_30_... "How to identify who was actually using permissions versus who just had them." 2026-04-24
github • least-privilege • permissions • audit-log • security