Secrets and Credentials at organization level should not be widely shared

ID

cicd_secret_widely_shared

Severity

high

Family

CI/CD Security

Tags

cicd-sec-06, cicd-security, non-reachable, security, supply-chain

Description

This check reports an issue if any organization-level secret is configured with either the All or the Private access policy.

Security

The CICD-SEC-6 security risk is Insufficient Credential Hygiene, one of the top CI/CD risks. To avoid it, do not share the same set of credentials across multiple contexts: a credential that is shared makes the principle of least privilege harder to achieve, because every context that can read it inherits its full permissions.

Mitigation / Fix

Ensure every organization-level secret is configured with a restricted access policy that names a trusted list of repositories, instead of sharing it with all repositories.
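The check described above and the access policy the fix expects, as an added worked example that is not the checker's own code: it runs over a constructed listing of organization-level secrets and reports each one whose policy is not an explicit repository allow-list. The record shape (`name`, `visibility`) and the policy values `all`, `private` and `selected` are assumed to follow the GitHub Actions organization-secrets API; the page itself names only the All and Private policies.

```python
from dataclasses import dataclass

RULE_ID = "cicd_secret_widely_shared"
SEVERITY = "high"

# Access policies the rule treats as widely shared: every repository (all)
# or every private/internal repository (private) can read the secret.
WIDELY_SHARED = {"all", "private"}
# The only policy that limits a secret to an explicit trusted-repository list.
RESTRICTED = "selected"


@dataclass(frozen=True)
class Finding:
    rule_id: str
    severity: str
    secret: str
    policy: str
    message: str


def check_org_secrets(secrets):
    """One Finding per organization-level secret whose access policy is not
    an explicit repository allow-list. Unrecognised policies are reported too
    (fail closed) so a new or misspelled value cannot silently pass."""
    findings = []
    for s in secrets:
        policy = str(s.get("visibility", "")).lower()
        if policy == RESTRICTED:
            continue
        if policy in WIDELY_SHARED:
            msg = f"secret {s['name']!r} is shared with {policy} repositories"
        else:
            msg = f"secret {s['name']!r} has unrecognised access policy {policy!r}"
        findings.append(Finding(RULE_ID, SEVERITY, s["name"], policy, msg))
    return findings


# Constructed sample (not real data); shaped like the "secrets" array of an
# organization-secrets API response, where only "visibility" matters here.
SAMPLE_SECRETS = [
    {"name": "NPM_PUBLISH_TOKEN", "visibility": "all"},
    {"name": "DEPLOY_KEY", "visibility": "private"},
    {"name": "SIGNING_KEY", "visibility": "selected"},
    {"name": "LEGACY_TOKEN", "visibility": "public"},
]

if __name__ == "__main__":
    for f in check_org_secrets(SAMPLE_SECRETS):
        print(f"[{f.severity}] {f.rule_id}: {f.message}")
```

Only `SIGNING_KEY` passes; the other three are reported, including the one with an unrecognised policy value.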