diff --git a/.github/workflows/auto-tag.yml b/.github/workflows/auto-tag.yml
index 1ed02b5..2a2d2da 100644
--- a/.github/workflows/auto-tag.yml
+++ b/.github/workflows/auto-tag.yml
@@ -10,13 +10,11 @@ on:
       - "LICENSE"
       - ".gitignore"
 
+permissions: write-all
+
 jobs:
   auto-tag:
     runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      issues: write
-      pull-requests: write
     outputs:
       new_tag: ${{ steps.get_latest_tag.outputs.version }}
     steps:
@@ -41,7 +39,7 @@ jobs:
 
       - name: Create new tag
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
         run: |
           new_tag=${{ steps.get_latest_tag.outputs.version }}
           git config --global user.name 'github-actions[bot]'
@@ -52,9 +50,5 @@ jobs:
   release:
     needs: auto-tag
     uses: ./.github/workflows/release.yml
-    permissions:
-      contents: write
-      packages: write
-      issues: write
-      pull-requests: write
+    permissions: write-all
     secrets: inherit
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a7048d8..4192cb1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -6,11 +6,7 @@ on:
     tags:
       - "v*"
 
-permissions:
-  contents: write
-  packages: write
-  issues: write
-  pull-requests: write
+permissions: write-all
 
 jobs:
   goreleaser:
@@ -51,5 +47,5 @@ jobs:
           version: v1.21.2
           args: release --clean
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
           GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}