Document permissions for github action?

[WildOrangutan]

Maybe document required permissions, for the action to work?

I feel like we can avoid some friction like that, when setting up the action 🙂

permissions:          
  contents: read      
  pull-requests: write

[gdesantos]

Totally agree on this :)