Potential fix for code scanning alert no. 1: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: DFanso

.github/workflows/build-and-release.yml

@@ -43,6 +43,8 @@ jobs:
 
   build:
     name: Build Go Binary
+    permissions:
+      contents: read
     runs-on: ${{ matrix.os }}
     needs: auto-tag
     # Always run build, even if auto-tag was skipped (e.g., for tag pushes)