diff --git a/.github/dependency-review-config.yml b/.github/dependency-review-config.yml
index 4e3e1ee33..ffa2fec09 100644
--- a/.github/dependency-review-config.yml
+++ b/.github/dependency-review-config.yml
@@ -10,3 +10,4 @@ allow_licenses:
   - OpenSSL
   - Python-2.0
   - X11
+comment-summary-in-pr: true
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 201e9f8e8..f8b7a874f 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -7,6 +7,9 @@ permissions:
 jobs:
   dependency-review:
     runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - name: "Checkout Repository"
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3