Adnan Khan edited this page Dec 26, 2023 · 8 revisions

OpSec Considerations

If you are a Red-Teamer seeking to assess a token's privileges without alerting the organization of your activities, then certain Gato features should be avoided or used with care.

Enumeration

API Requests in Audit Log

GitHub recently released a new feature that allows all API requests made against an organization's private repositories to be included in the audit log. This feature is currently in private beta, so it is unlikely that most organizations are enrolled in it and have detection engineering around GET API requests. However, it can no longer be assumed that using Gato without any git clone operations is 100% stealthy.

Attack

Self-Hosted Runner Attack

Attacking a repository is an overt action. In a true Red Team, you will be best served using a custom payload that blends in with the noise present in the organization you are targeting. Gato offers some options to tweak the IOCs generated during the workflow push attack, such as the branch name, the commit's author, and deleting the workflow run log after execution.

Secrets Exfiltration

The secrets exfiltration feature creates a workflow run that executes from a feature branch and runs on GitHub-hosted runners. The workflow run will only be present for about 45 seconds if you use the --delete-action (or -d) flag to clean up the resulting workflow run. As of version 1.6, Gato will clean up all other workflow files in the malicious branch so as not to unintentionally trigger other workflow runs.

It is helpful to review the GitHub Audit Log Events documentation to understand which events will be logged.
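The following script is an added detection example, not code from the Gato project or this wiki. It shows what a defender can do with the audit log events referenced above: it correlates `workflows.created_workflow_run` and `workflows.delete_workflow_run` entries (both real GitHub audit log actions) and flags a workflow run that was started from a non-default branch and deleted again within a few minutes, which is the footprint of the short-lived run described in the Secrets Exfiltration section. The sample entries are constructed; the field names `head_branch`, `workflow_run_id` and the millisecond `@timestamp` follow the audit log JSON export and are assumptions to verify against your own export.

```python
"""Added detection example (not part of the Gato wiki page or the Gato project).

Flags workflow runs that were created from a non-default branch and deleted
shortly afterwards, using GitHub organization audit log entries. The action
names are real audit log actions; the records and field names below are
constructed/assumed for this example.
"""

DEFAULT_BRANCH = "main"       # assumption: the repository's default branch
MAX_RUN_LIFETIME_S = 300      # flag runs deleted within 5 minutes of creation

# Constructed sample audit log entries (epoch milliseconds, as in the export).
SAMPLE_EVENTS = [
    {"@timestamp": 1703600000000, "action": "workflows.created_workflow_run",
     "actor": "ci-bot", "repo": "example-org/app",
     "head_branch": "main", "workflow_run_id": 101},
    {"@timestamp": 1703600040000, "action": "workflows.completed_workflow_run",
     "actor": "ci-bot", "repo": "example-org/app",
     "head_branch": "main", "workflow_run_id": 101},
    # A run on a feature branch that lives only 45 seconds before deletion.
    {"@timestamp": 1703600100000, "action": "workflows.created_workflow_run",
     "actor": "contractor-1", "repo": "example-org/app",
     "head_branch": "feature/cleanup-42", "workflow_run_id": 102},
    {"@timestamp": 1703600145000, "action": "workflows.delete_workflow_run",
     "actor": "contractor-1", "repo": "example-org/app",
     "head_branch": "feature/cleanup-42", "workflow_run_id": 102},
    # A feature-branch run deleted a day later: routine housekeeping, not flagged.
    {"@timestamp": 1703600200000, "action": "workflows.created_workflow_run",
     "actor": "dev-2", "repo": "example-org/app",
     "head_branch": "feature/long-lived", "workflow_run_id": 103},
    {"@timestamp": 1703690000000, "action": "workflows.delete_workflow_run",
     "actor": "dev-2", "repo": "example-org/app",
     "head_branch": "feature/long-lived", "workflow_run_id": 103},
]


def find_short_lived_runs(events, max_lifetime_s=MAX_RUN_LIFETIME_S,
                          default_branch=DEFAULT_BRANCH):
    """Return one finding per workflow run on a non-default branch that was
    deleted within max_lifetime_s of its creation. Each finding carries the
    repo, run id, branch, the actor who deleted it and the lifetime in seconds."""
    created = {}   # (repo, run_id) -> creation event
    findings = []
    # Process in time order so a deletion always sees its creation first.
    for ev in sorted(events, key=lambda e: e["@timestamp"]):
        key = (ev["repo"], ev["workflow_run_id"])
        if ev["action"] == "workflows.created_workflow_run":
            created[key] = ev
        elif ev["action"] == "workflows.delete_workflow_run":
            start = created.get(key)
            if start is None:
                continue  # deletion of a run created outside this log window
            lifetime = (ev["@timestamp"] - start["@timestamp"]) / 1000
            if start.get("head_branch") != default_branch and lifetime <= max_lifetime_s:
                findings.append({
                    "repo": ev["repo"],
                    "workflow_run_id": ev["workflow_run_id"],
                    "branch": start.get("head_branch"),
                    "deleted_by": ev["actor"],
                    "lifetime_s": lifetime,
                })
    return findings


if __name__ == "__main__":
    for f in find_short_lived_runs(SAMPLE_EVENTS):
        print(f"short-lived run {f['workflow_run_id']} in {f['repo']} "
              f"on branch {f['branch']} deleted by {f['deleted_by']} "
              f"after {f['lifetime_s']:.0f}s")
```

Feed it the JSON export of your organization's audit log (one object per entry) in place of `SAMPLE_EVENTS`; the 5-minute window and the default branch name are the two knobs worth tuning, since legitimate feature-branch runs are rarely deleted within seconds of starting.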
