This repository has been archived by the owner on Oct 13, 2023. It is now read-only.
Define GITHUB_TOKEN permissions to limit the scope of what audit-check can do #218
Open
Labels: enhancement
Motivation
I would like for the default workflow yml to include permissions for the GITHUB_TOKEN it uses.
Without this, one might be afraid of giving too many permissions to this GitHub Action and as a result won't use cargo audit (which in turn means that their audits will likely be absent, which I think is not good).
If we implement this, people might be more trusting about installing this Action, and its usage will therefore grow.
Workflow example
I would like to set up something like this:
So that GITHUB_TOKEN would have exactly the rights it needs, which would in turn make me feel safer about using this Action/Workflow. I do not immediately know this list, however. The one above is randomly guessed and might be invalid.
Additional context
See the full list of possible permissions: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
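An added example, not part of the original issue and not the project's own workflow: a deny-by-default layout for the kind of scoping requested above. The `checks: write` and `issues: write` grants are assumptions about what audit-check needs (publishing a check run, and opening issues on scheduled runs); the page does not confirm the list, and the triggers and job name are illustrative.

```yaml
name: Security audit

on:
  schedule:
    - cron: '0 0 * * *'
  push:
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'

# Workflow-level default: GITHUB_TOKEN gets no scopes at all.
# Every job must opt in to what it needs, so a newly added job
# cannot silently inherit the repository's default token permissions.
permissions: {}

jobs:
  audit:
    runs-on: ubuntu-latest
    # Job-level grants override the empty default for this job only.
    # Any scope not listed here stays at "none".
    permissions:
      contents: read   # needed by actions/checkout to fetch the repository
      checks: write    # assumed: publish the audit result as a check run
      issues: write    # assumed: open issues for advisories on scheduled runs
    steps:
      - uses: actions/checkout@v4
      - uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
```

If a grant is missing, the corresponding API call made with the token is rejected for lack of permission, so the list can be tightened one scope at a time and checked against the job log.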