Potential fix for code scanning alert no. 3: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: recabasic

.github/workflows/security.yml

@@ -1,5 +1,8 @@
 name: Security & Dependency Updates
 
+permissions:
+  contents: read
+
 on:
   schedule:
     # Run every Monday at 9 AM UTC
@@ -10,6 +13,9 @@ jobs:
   security-audit:
     name: Security Audit
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      issues: write
 
     steps:
     - name: Checkout code