fix: adding required permissions to top level and jobs in the workflow (#3740)

Signed-off-by: Gagan H R <hrgagan4@gmail.com>

.github/workflows/vulnerability-scan.yaml

@@ -1,9 +1,6 @@
 name: Trivy Vulnerability Scanner
 
-permissions:
-  issues: write
-  contents: read
-  security-events: write
+permissions: {}
 
 on:
   pull_request:
@@ -19,6 +16,10 @@ jobs:
   scan:
     name: Scan for Vulnerabilities
     runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      contents: read
+      security-events: write
     steps:
       - name: Checkout code
         uses: actions/checkout@v6.0.2