diff --git a/.github/workflows/bots-automerge.yml b/.github/workflows/bots-automerge.yml
index 9881de5..5cf7b2e 100644
--- a/.github/workflows/bots-automerge.yml
+++ b/.github/workflows/bots-automerge.yml
@@ -10,30 +10,24 @@ permissions:
 jobs:
   bot-automerge:
     runs-on: ubuntu-latest
+    # Check the pull request author.
     if: |
-      github.actor == 'red-hat-konflux[bot]' ||
-      github.actor == 'dependabot[bot]' ||
-      github.actor == 'InsightsDroid'
+      github.event.pull_request.user.login == 'dependabot[bot]' ||
+      github.event.pull_request.user.login == 'red-hat-konflux[bot]' ||
+      github.event.pull_request.user.login == 'InsightsDroid'
     steps:
+      # NOTE: PR approval does not work on PRs from forks
       - name: Github Actions bot approves the PR
         run: gh pr review --approve "$PR_URL"
         env:
-            PR_URL: ${{github.event.pull_request.html_url}}
-            GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{ github.token }}
       - name: InsightsDroid approves the PR
         run: gh pr review --approve "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GH_TOKEN: ${{secrets.INSIGHTSDROID_TOKEN}}
       - name: Enable auto-merge for Dependabot PRs
-        # We can filter depending on the semver major, minor, or patch updates,
-        # but let's not do it for now
-        #   - name: Dependabot metadata
-        #     id: metadata
-        #     uses: dependabot/fetch-metadata@v1
-        #     with:
-        #       github-token: "${{ secrets.GITHUB_TOKEN }}"
-        # if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
         run: gh pr merge --auto --merge "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}