> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# GH_CanAccess

> Personal access token or app installation can access this repository or organization

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Edge Schema

* Source: [GH\_PersonalAccessToken](/opengraph/extensions/github/nodes/gh_personalaccesstoken), [GH\_AppInstallation](/opengraph/extensions/github/nodes/gh_appinstallation)
* Destination: [GH\_Repository](/opengraph/extensions/github/nodes/gh_repository)
* Traversable: ❌

## General Information

The non-traversable GH\_CanAccess edge indicates that a personal access token or app installation has been granted access to specific repositories. This edge represents the scope of access granted to a token or app rather than a direct attack path, providing visibility into which repositories are reachable through non-human credentials. It is non-traversable because token and app access does not transitively extend to other principals.

```mermaid theme={null}
graph LR
    pat("GH_PersonalAccessToken pat-alice-readonly")
    install("GH_AppInstallation ci-bot#6789")
    repo1("GH_Repository GitHound")
    repo2("GH_Repository BloodHound")
    pat -- GH_CanAccess --> repo1
    install -- GH_CanAccess --> repo1
    install -- GH_CanAccess --> repo2
```