diff --git a/.github/chainguard/pr-review-audit.sts.yaml b/.github/chainguard/pr-review-audit.sts.yaml
new file mode 100644
index 0000000..89823f4
--- /dev/null
+++ b/.github/chainguard/pr-review-audit.sts.yaml
@@ -0,0 +1,14 @@
+issuer: https://accounts.google.com
+
+# you can find the code and explanation for this in https://github.com/chainguard-dev/chainguard-devops/blob/main/github-audit-prs/README.md
+
+# staging-support-tools-2b84: devops-github-audit-prs@staging-support-tools-2b84.iam.gserviceaccount.com
+subject_pattern: "103467134585088586606"
+
+# to be able to write issues and see the repos if is private
+permissions:
+  issues: write
+  pull_requests: write
+  contents: read
+
+repositories: []  # Act over all of the repos in the org.