[Sync] Update project files from source repository (b318071)

[mrz1836]

What Changed

• Updated MAGE_X_VERSION from v1.12.2 to v1.13.0
• Replaced real CVE exclusion examples with fake placeholder examples in NANCY_EXCLUDES and MAGE_X_CVE_EXCLUDES (CVE-2024-38513 and CVE-2023-45142 replaced with CVE-9999-12345 and CVE-9999-43210)
• Updated comments for CVE exclusions to clarify they are fake examples
• Increased GO_BROADCAST_AI_MAX_TOKENS from 2000 to 5000
• Added commented diff debugging configuration option (GO_BROADCAST_DEBUG_DIFF_PATH)
• Added explicit permissions: contents: read to three GitHub workflow jobs (dependabot-auto-merge.yml, stale-check.yml, sync-labels.yml) with comments indicating it's required for sparse checkout

Why It Was Necessary

• Upgrading MAGE_X to v1.13.0 provides access to newer features and bug fixes
• Using fake CVE examples prevents accidental acceptance of real vulnerabilities as safe defaults in the template configuration
• Increasing AI token limits allows for more comprehensive AI-generated content
• Explicit permissions declarations improve GitHub Actions security posture and clarify required access levels

Testing Performed

• Verify MAGE_X v1.13.0 compatibility with existing workflows
• Confirm GitHub Actions workflows continue to run successfully with explicit permissions
• Validate that CVE exclusion configurations still accept the correct format
• Test AI broadcast functionality with increased token limits

Impact / Risk

• Breaking Change: None - configuration changes are backwards compatible
• Risk: Low - MAGE_X version bump is a minor version increment; permission changes are additive and declarative
• Security: Improved - fake CVE examples prevent accidental vulnerability acceptance; explicit permissions follow principle of least privilege
• Performance: Potential increase in AI response times and costs with higher token limits