improve security by minimizing token permissions

Hi, This follows [GitHub’s official best practices](https://docs.github.com/en/actions/reference/security/secure-use#use-secrets-for-sensitive-information) for workflows and helps improve security by minimizing token permissions.

If it's okay, could you please help review this PR? https://github.com/NTNU-IHB/FMI4cpp/pull/159