Unexpected input(s) 'GITHUB_TOKEN', valid inputs are ['TRIVY_SKIP_DB_UPDATE', 'TRIVY_SKIP_JAVA_DB_UPDATE']

This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. As a result, it will not be opted into any experimental features. This could be because the Action is running on a pull request from a fork. If not, please ensure the Action has the 'security-events: write' permission. Details: Resource not accessible by integration - https://docs.github.com/rest