fix: gracefully handle fork PR comment permissions (#68)

PRs from forks run with a read-only GITHUB_TOKEN, which prevents
posting PR comments. Add continue-on-error so the comment step
fails gracefully without blocking the scan results. Scan results
remain visible in the step summary.

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: marc-barry

.github/workflows/container-scan.yaml

@@ -88,6 +88,7 @@ jobs:
             fs.writeFileSync('scan-result.json', JSON.stringify({ table, hasBlocking }));
 
       - name: Post scan results as PR comment
+        continue-on-error: true  # Fork PRs have read-only tokens and cannot post comments
         if: github.event_name == 'pull_request'
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
         env: