fix(ci): harden GitHub Actions workflow permissions

Author: phipag

.github/workflows/security-dependencies-check.yml

@@ -13,15 +13,14 @@ on:
 name: Verify Dependencies
 run-name: Verify Dependencies – ${{ github.event_name }}
 
-permissions:
-  contents: read
+permissions: {}
 
 jobs:
   verify:
     runs-on: ubuntu-latest
     permissions:
-      contents: read
-      pull-requests: write
+      contents: read       # checkout repository and read dependency snapshots
+      pull-requests: write # post review comments
     steps:
       - name: Checkout Repository
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2