diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md
index e37654aa91e4..17f0caad8509 100644
--- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md
+++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md
@@ -55,6 +55,8 @@ In your {% data variables.product.prodname_actions %} workflow file, ensure you
 
 The following example uses the placeholders `YOUR_PROVIDER_NAME` and `YOUR_AUDIENCE`.
 
+{% raw %}
+
 ```yaml
 permissions:
   id-token: write
@@ -77,6 +79,8 @@ jobs:
 
 ```
 
+{% endraw %}
+
 > [!TIP]
 > When OIDC authentication is used, the `setup-jfrog-cli` action automatically provides `oidc-user` and `oidc-token` as step outputs.
 > These can be used for other integrations that require authentication with JFrog.
@@ -84,6 +88,8 @@ jobs:
 
 ### Using OIDC Credentials in other steps
 
+{% raw %}
+
 ```yaml
       - name: Sign in to Artifactory Docker registry
         uses: docker/login-action@v3
@@ -93,6 +99,8 @@ jobs:
           password: ${{ steps.setup-jfrog-cli.outputs.oidc-token }}
 ```
 
+{% endraw %}
+
 ## Further reading
 
 * [OpenID Connect Integration](https://jfrog.com/help/r/jfrog-platform-administration-documentation/openid-connect-integration) in the JFrog documentation
diff --git a/data/reusables/organizations/additional-permissions.md b/data/reusables/organizations/additional-permissions.md
index 881b9cd693b3..496d768ea836 100644
--- a/data/reusables/organizations/additional-permissions.md
+++ b/data/reusables/organizations/additional-permissions.md
@@ -59,6 +59,7 @@ For more information, see [AUTOTITLE](/discussions).
 * View {% data variables.product.prodname_secret_scanning %} results
 * Dismiss or reopen {% data variables.product.prodname_secret_scanning %} results
 
+{%- ifversion ghec %}
 ### Actions
 
 * Manage {% data variables.product.prodname_actions %} general settings
@@ -66,3 +67,4 @@ For more information, see [AUTOTITLE](/discussions).
 * Manage secrets
 * Manage variables
 * Manage environments (including environment secrets and variables)
+{%- endif %}
diff --git a/data/reusables/repositories/rulesets-bypass-step.md b/data/reusables/repositories/rulesets-bypass-step.md
index aa5202017045..42e024fb0f5f 100644
--- a/data/reusables/repositories/rulesets-bypass-step.md
+++ b/data/reusables/repositories/rulesets-bypass-step.md
@@ -2,7 +2,7 @@ You can grant certain roles, teams, or apps bypass permissions {% ifversion push
 
 * Repository admins, organization owners, and enterprise owners
 * The maintain or write role, or custom repository roles based on the write role
-* Teams
+* Teams, excluding secret teams. See [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams#team-visibility).
 {%- ifversion ghes %}
 * Deploy keys
 {%- endif %}