diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index afa1545d..978a5073 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -10,7 +10,7 @@ on:
 ### TODO: Also remove `get-prerelease`, `get-version`, `release-create`, `tag-create` and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
 
 permissions:
-  contents: read
+  contents: write
   id-token: write # Required for trusted publishing to PyPI
 
 jobs:
@@ -42,7 +42,7 @@ jobs:
       - id: get_release_notes
         uses: ./.github/actions/get-release-notes
         with:
-          token: ${{ secrets.github-token }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           version: ${{ steps.get_version.outputs.version }}
           repo_owner: ${{ github.repository_owner }}
           repo_name: ${{ github.event.repository.name }}
@@ -52,7 +52,7 @@ jobs:
         uses: ./.github/actions/tag-exists
         with:
           tag: ${{ steps.get_version.outputs.version }}
-          token: ${{ secrets.github-token }}
+          token: ${{ secrets.GITHUB_TOKEN }}
 
       # If the tag already exists, exit with an error
       - if: steps.tag_exists.outputs.exists == 'true'
@@ -83,9 +83,9 @@ jobs:
       # Create a release for the tag
       - uses: ./.github/actions/release-create
         with:
-          token: ${{ secrets.github-token }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           name: ${{ steps.get_version.outputs.version }}
           body: ${{ steps.get_release_notes.outputs.release-notes }}
           tag: ${{ steps.get_version.outputs.version }}
           commit: ${{ github.sha }}
-          prerelease: ${{ steps.get_prerelease.outputs.prerelease }}
\ No newline at end of file
+          prerelease: ${{ steps.get_prerelease.outputs.prerelease }}