Support specifying the default permissions for a GitHub Action token
By default, the GITHUB_TOKEN present in a GitHub Action workflow is overly permissive and contains write access to repository contents and releases. This presents a risk as developers may not realize the token they're passing to a linter could be used to modify the repository.
GitHub supports restricting the default GITHUB_TOKEN permissions at the enterprise/org/repo level.
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
OtterDog would benefit from adding support for this setting, and considering restricted permissions as a secure default. This setting provides a quick win for repository security without needing to change every workflow. Note: some workflows may need to add permissions which were previously granted by default, but this follows least privilege.
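An added example, not part of the original issue and not OtterDog code: before restricting the default, a repository owner can list which workflow jobs declare no `permissions:` key and therefore inherit whatever default the enterprise/org/repo setting grants. The function name and sample workflows are constructed for illustration, and the scanner is a line-based approximation that assumes space-indented block-style YAML rather than a full YAML parser.

```python
import re

KEY = re.compile(r"^( *)([\w-]+):")
# Constructed sample workflows (not taken from any real repository).
LINT = """\
on: [push]
jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
"""
MIXED = """\
on: [push]
jobs:
  test:
    permissions: {}
    runs-on: ubuntu-latest
  deploy:
    runs-on: ubuntu-latest
"""
SCOPED = "on: [push]\npermissions:\n  contents: read\njobs:\n  build:\n    runs-on: ubuntu-latest\n"

def jobs_on_default_token(workflow_text):
    """Job ids with neither a workflow-level nor a job-level `permissions:` key."""
    section = job = job_indent = child_indent = None
    scoped = {}
    for line in workflow_text.splitlines():
        m = KEY.match(line)
        if not m:
            continue  # blank lines, comments, list items
        indent, key = len(m.group(1)), m.group(2)
        if indent == 0:
            if key == "permissions":
                return []  # workflow-level block applies to every job
            section, job_indent = key, None
        elif section == "jobs":
            if job_indent is None:
                job_indent = indent
            if indent == job_indent:
                job, child_indent = key, None
                scoped[job] = False
            elif job is not None:
                child_indent = indent if child_indent is None else child_indent
                if indent == child_indent and key == "permissions":
                    scoped[job] = True
    return [j for j, ok in scoped.items() if not ok]

if __name__ == "__main__":
    print(jobs_on_default_token(MIXED))  # ['deploy']
```

Jobs reported here are the ones whose behaviour changes when the default is switched to restricted, so they are the ones to review for an explicit `permissions:` block first.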