A workflow that contains nested reusable workflows will fail if any of the nested workflows is inaccessible to the initial caller workflow.
GITHUB_TOKEN permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has package: read token permission, then B and C cannot have package: write permission.
For information on how to use the API to determine which workflow files were involved in a particular workflow run
