diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index bbb5e36b..366fbf9f 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -5,6 +5,10 @@ on:
       - '**/Cargo.toml'
       - '**/Cargo.lock'
 
+permissions:
+  issues: write
+  checks: write
+
 jobs:
   security_audit:
     runs-on: ubuntu-latest
diff --git a/crates/header-accumulator/Cargo.toml b/crates/header-accumulator/Cargo.toml
index 6847d6b9..d5c2b53b 100644
--- a/crates/header-accumulator/Cargo.toml
+++ b/crates/header-accumulator/Cargo.toml
@@ -18,7 +18,6 @@ rlp.workspace = true
 serde = { workspace = true, features = ["derive"] }
 serde_json.workspace = true
 sf-protos = { path = "../sf-protos" }
-# Needs to match that transitively depended on by trin-validation
 tree_hash = "0.8.0"
 trin-validation.workspace = true