Revert "added the new workflow that automatically puts the labels in PR" by katiewasnothere · Pull Request #776 · apple/container
@Ronitsabhaya75 I think we have two options here:
- We could follow a similar flow to what is described in this article under Attack Vectors -> Remediation to split the workflow into two, where one is unprivileged and reads the PR content and another is privileged and can run the labeler on the PR number output by the first.
- OR we can have a cron job workflow like what is described in the labeler action docs here that runs periodically to label new PRs. This one would be tricky to figure out how to determine what a "new PR" is and we don't want to constantly be running the labeler on PRs that are already labeled.
In either case, I think we can't read the labeler configuration file from the PR since that would require using untrusted files.
If you want to read more about making GitHub workflows safer, this is a good post.
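As an added illustration of the first option (the unprivileged/privileged split), here is a sketch of the two-workflow pattern. This is example configuration written for this discussion, not code from the apple/container repository or from the PR under review. It assumes the labeler action (actions/labeler@v5) accepts a `pr-number` input and reads its configuration from the repository at the triggering ref rather than from the PR head, and that actions/download-artifact@v4 can fetch an artifact from another run via `run-id` and `github-token`; the workflow and artifact names are made up for the example.

```yaml
# File 1 (assumed path .github/workflows/pr-collect.yml)
# Unprivileged: runs on `pull_request` from the fork context, so it gets
# a read-only token and no repository secrets. Its only job is to record
# which PR triggered it. Nothing from the PR's files is executed here.
name: PR collect
on:
  pull_request:
    types: [opened, reopened, synchronize]
permissions:
  contents: read
jobs:
  collect:
    runs-on: ubuntu-latest
    steps:
      - name: Record PR number
        run: |
          mkdir -p pr
          echo "${{ github.event.pull_request.number }}" > pr/number
      - uses: actions/upload-artifact@v4
        with:
          name: pr-number
          path: pr/

---
# File 2 (assumed path .github/workflows/pr-label.yml)
# Privileged: runs on `workflow_run` in the base repository's context with
# a write token, but it never checks out or runs PR-controlled content.
# It only consumes the PR number and treats even that as untrusted input.
name: PR label
on:
  workflow_run:
    workflows: ["PR collect"]   # must match `name:` in file 1
    types: [completed]
permissions:
  contents: read
  pull-requests: write
jobs:
  label:
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: pr-number
          path: pr/
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
      - name: Validate PR number
        id: pr
        # The artifact was produced by the unprivileged run and could contain
        # anything, so reject everything except a plain decimal number before
        # passing it to a privileged step.
        run: |
          set -euo pipefail
          PR="$(tr -d '[:space:]' < pr/number)"
          if ! [[ "$PR" =~ ^[0-9]+$ ]]; then
            echo "artifact did not contain a valid PR number" >&2
            exit 1
          fi
          echo "number=$PR" >> "$GITHUB_OUTPUT"
      - uses: actions/labeler@v5
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          # Assumed input name; config is read from the base repository,
          # never from the PR's copy of .github/labeler.yml.
          pr-number: ${{ steps.pr.outputs.number }}
```

The property this preserves is that the only thing crossing from the untrusted run into the privileged one is a number, and the privileged side still validates it before use. A fork PR can change `.github/labeler.yml` or the collect workflow in its own branch, but neither of those copies is what the label job reads or runs.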