fix: move contents:write to job-level in release workflow

Move the contents: write permission from top-level to job-level per
OpenSSF Scorecard recommendation for least-privilege token permissions.

Co-Authored-By: Claude Opus 4.5 <[email protected]>

Author: cuioss-oliver

.github/workflows/release.yml

@@ -9,10 +9,12 @@ on:
   workflow_dispatch:
 
 permissions:
-  contents: write
+  contents: read
 
 jobs:
   release:
+    permissions:
+      contents: write
     if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch'
     uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-release.yml@5b7f2938bc31b110554c8ef5b6d38659d225f096 # main
     secrets: