diff --git a/action.yml b/action.yml
index f106dcb..ad71b9c 100644
--- a/action.yml
+++ b/action.yml
@@ -1,5 +1,19 @@
 name: 'GoSec Scanning'
 description: 'Scan codebase with gosec'
+inputs:
+ token:
+ description: >
+ Personal access token (PAT) used to fetch the repository. The PAT is configured
+ with the local git config, which enables your scripts to run authenticated git
+ commands. The post-job step removes the PAT.
+
+
+ We recommend using a service account with the least permissions necessary.
+ Also when generating a new PAT, select the least scopes necessary.
+
+
+ [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+ default: ${{ github.token }}
 runs:
 using: 'docker'
 image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'
\ No newline at end of file
diff --git a/cmd/root.go b/cmd/root.go
index fad917b..7721da8 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -185,7 +185,7 @@ var rootCmd = &cobra.Command{
 log.Fatalln(err)
 }
- forgeClient, err := forgejo.NewClient(actionCtx.ServerURL, forgejo.SetToken(os.Getenv("GITHUB_TOKEN")))
+ forgeClient, err := forgejo.NewClient(actionCtx.ServerURL, forgejo.SetToken(action.GetInput("token")))
 if err != nil {
 log.Fatalln(err)
 }
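Review bot: The `description` of the new `token` input does not match how the token is used in this commit: cmd/root.go hands it to `forgejo.NewClient(..., forgejo.SetToken(...))`, an API client, while the text talks about fetching the repository, writing the PAT into the local git config and a post-job step removing it. None of that behaviour is visible here, and the action declares no post step in its `runs:` block. A user following the "least scopes" advice cannot tell which scopes are needed, so I would replace the first paragraph with something like `Token used to authenticate API calls to the forge (defaults to the job token); grant only the scopes the scanner's API calls need.` Separately, the token is now delivered to a container pulled by the mutable tag `goscan:latest`; pinning the `image:` to a digest would ensure that a re-pushed tag cannot receive the credential.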
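Review bot: The value of `action.GetInput("token")` goes straight into `forgejo.SetToken` without an emptiness check, so an unset or blank input (presumably returned as an empty string) would build a client that fails later with a less obvious authorization error. Reading it once and failing fast makes the misconfiguration clear: `token := action.GetInput("token")` followed by `if token == "" { log.Fatalln("token input is empty") }`. The change also silently stops honouring `GITHUB_TOKEN` from the environment, so workflows that exported a specific PAT that way will now run with the default job token; if that is intended, say so in the commit message or README, otherwise fall back to `os.Getenv("GITHUB_TOKEN")` when the input is empty. The enclosing `Run` function starts and ends outside this hunk.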