From e82057d4806e7414c38f9fe89d948b85f727d97d Mon Sep 17 00:00:00 2001
From: Travis Truman <trumant@gmail.com>
Date: Sun, 28 Sep 2025 13:32:38 -0400
Subject: [PATCH] refactor: AC-04.01 control for clarity

Signed-off-by: Travis Truman <trumant@gmail.com>
---
 baseline/OSPS-AC.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml
index de91931..387639f 100644
--- a/baseline/OSPS-AC.yaml
+++ b/baseline/OSPS-AC.yaml
@@ -290,8 +290,8 @@ controls:
       - id: OSPS-AC-04.01
         text: |
           When a CI/CD task is executed with no permissions specified, the
-          project's version control system MUST default to the lowest available
-          permissions for all activities in the pipeline.
+          CI/CD system MUST default the task's permissions to the lowest
+          permissions granted in the pipeline.
         applicability:
           - Maturity Level 2
           - Maturity Level 3