diff --git a/.github/workflows/label-pf-team-issue.yml b/.github/workflows/label-pf-team-issue.yml
new file mode 100644
index 00000000..8ead60e2
--- /dev/null
+++ b/.github/workflows/label-pf-team-issue.yml
@@ -0,0 +1,9 @@
+name: Label PF Team issues
+on:
+  issues:
+    types:
+      - opened
+jobs:
+  label:
+    uses: patternfly/.github/.github/workflows/add-pf-team-label-workflow.yml@fdb52a63a2220ec8a3b6c2d43f312cda708ffa06
+    secrets: inherit
diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml
index 430eb172..f70fd77e 100644
--- a/.github/workflows/pr-preview.yml
+++ b/.github/workflows/pr-preview.yml
@@ -1,14 +1,23 @@
 ### WARNING -- this file was generated by generate-workflows
 name: pr-preview
-on: pull_request_target
+on:
+  pull_request_target:
+  issue_comment:
+    types: [created]
 jobs:
+  check-permissions:
+    uses: patternfly/.github/.github/workflows/check-team-membership.yml@fdb52a63a2220ec8a3b6c2d43f312cda708ffa06
+    secrets: inherit
+
   build-upload:
     runs-on: ubuntu-latest
+    needs: check-permissions
+    if: needs.check-permissions.outputs.allowed == 'true'
     env:
       SURGE_LOGIN: ${{ secrets.SURGE_LOGIN }}
       SURGE_TOKEN: ${{ secrets.SURGE_TOKEN }}
       GH_PR_TOKEN: ${{ secrets.GH_PR_TOKEN }}
-      GH_PR_NUM:   ${{ github.event.number }}
+      GH_PR_NUM:   ${{ needs.check-permissions.outputs.pr-number }}
     steps:
       - uses: actions/checkout@v4
       # Yes, we really want to checkout the PR