diff --git a/.github/workflows/git-pr-status-checks.yml b/.github/workflows/git-pr-status-checks.yml
index 1b640f3..f389384 100644
--- a/.github/workflows/git-pr-status-checks.yml
+++ b/.github/workflows/git-pr-status-checks.yml
@@ -7,7 +7,20 @@ concurrency:
   group: building-blocks-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
 
+permissions:
+  pull-requests: write
+  contents: write
+  packages: read
+  actions: write
+  checks: write
+  statuses: write
+
 jobs:
   pr-status-check:
-    uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@main"
-    secrets: inherit
\ No newline at end of file
+    uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@chore/os_preparations"
+    with:
+      HELM_OCI_REGISTRY: 'ghcr.io'
+      BUILDING_BLOCKS_GIT_REPO_URL: 'https://github.com/openmcp-project/blueprint-building-blocks.git'
+    secrets:
+      HELM_REPO_USERNAME: "${{ secrets.GITHUB_TOKEN }}"
+      HELM_REPO_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/pr-status-checks-workflow-call-fork.yml b/.github/workflows/pr-status-checks-workflow-call-fork.yml
index 04de248..e769868 100644
--- a/.github/workflows/pr-status-checks-workflow-call-fork.yml
+++ b/.github/workflows/pr-status-checks-workflow-call-fork.yml
@@ -9,8 +9,21 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
 
+permissions:
+  pull-requests: write
+  contents: write
+  packages: read
+  actions: write
+  checks: write
+  statuses: write
+
 jobs:  
   pr-status-check:    
     if: ${{ github.event.pull_request.head.repo.full_name != 'openmcp-project/blueprint-building-blocks' }}
-    uses: "openmcp-project/blueprint-building-blocks/.github/workflows/git-pr-status-checks.yml@main"
-    secrets: inherit
\ No newline at end of file
+    uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@chore/os_preparations"
+    with:
+      HELM_OCI_REGISTRY: 'ghcr.io'
+      BUILDING_BLOCKS_GIT_REPO_URL: 'https://github.com/openmcp-project/blueprint-building-blocks.git'
+    secrets:
+      HELM_REPO_USERNAME: "${{ secrets.GITHUB_TOKEN }}"
+      HELM_REPO_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/pr-status-checks-workflow-call.yml b/.github/workflows/pr-status-checks-workflow-call.yml
index f6988de..5b3a2a8 100644
--- a/.github/workflows/pr-status-checks-workflow-call.yml
+++ b/.github/workflows/pr-status-checks-workflow-call.yml
@@ -9,8 +9,21 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
 
+permissions:
+  pull-requests: write
+  contents: write
+  packages: read
+  actions: write
+  checks: write
+  statuses: write
+
 jobs:  
   pr-status-check:
     if: ${{ github.event.pull_request.head.repo.full_name == 'openmcp-project/blueprint-building-blocks' }}        
-    uses: "openmcp-project/blueprint-building-blocks/.github/workflows/git-pr-status-checks.yml@main"
-    secrets: inherit
\ No newline at end of file
+    uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@chore/os_preparations"
+    with:
+      HELM_OCI_REGISTRY: 'ghcr.io'
+      BUILDING_BLOCKS_GIT_REPO_URL: 'https://github.com/openmcp-project/blueprint-building-blocks.git'
+    secrets:
+      HELM_REPO_USERNAME: "${{ secrets.GITHUB_TOKEN }}"
+      HELM_REPO_TOKEN: "${{ secrets.GITHUB_TOKEN }}"