From 2d3a06a6db02760b80723882303a24887785baca Mon Sep 17 00:00:00 2001
From: exoego <ytatsuno.jp@gmail.com>
Date: Sun, 2 Jun 2024 10:55:43 +0900
Subject: [PATCH] Added note

---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README.md b/README.md
index 508a6f2..d37da17 100644
--- a/README.md
+++ b/README.md
@@ -112,6 +112,11 @@ permissions:
   pull-requests: write # for comments
 ```
 
+This action uses the `GITHUB_TOKEN` provided by GitHub Actions.
+Due to security limitation, `GITHUB_TOKEN` is not granted to write comments on PRs from forks on `pull_request` event.
+Instead, [`pull_request_target` event should be used on PRs from forks to overcome this limitation](https://docs.github.com/en/actions/security-guides/automatic-token-authentication).
+Please check the above setup example to use this action with `pull_request_target`.
+
 ## Action inputs
 
 | Name                      | Default                               | Description                                                                                                      |