Add workflow permissions to YAML lint workflow (#39)

Declare explicit contents: read on the file-consistency GitHub Actions
workflow so GITHUB_TOKEN uses least privilege and satisfies CodeQL
rule actions/missing-workflow-permissions.

Resolves the public code scanning alert for missing workflow
permissions metadata (alert #1) in this repository.

AI-Assistance: Cursor IDE, Agent mode, Composer model.
Collaboration: standard human/AI workflow; human review and approval
before commit.
Security: addresses GitHub CodeQL finding on CI workflow permissions;
no production secrets or credentials involved.

Made-with: Cursor

Author: cjeanner

.github/workflows/yamllint.yml

@@ -1,5 +1,7 @@
 ---
 name: file-consistency
+permissions:
+  contents: read
 on:  # yamllint disable-line rule:truthy
   pull_request:
     branches: