MEDIUM
Source
CloudSploit
ID
org-default-permission

Org Default Permission

Checks the default permission given to new users added to an organization.

The default permission given to new organization users should be set to none. Read permissions risk exposing private repositories, while write or admin permissions risk sensitive access to repositories for new users.

Set the default permission to none or read-only and assign permissions on a more granular repository level.