ci: declare workflow-level contents: read on 3 workflows

Pins the default GITHUB_TOKEN to contents: read on the workflows in
.github/workflows/ that don't call a GitHub API beyond the initial
checkout. The other workflows in this directory are left implicit
because they need write scopes that a maintainer is better placed
to declare.

Motivation: CVE-2025-30066 (March 2025 tj-actions/changed-files
compromise) exfiltrated GITHUB_TOKEN from workflow logs. Per-workflow
caps bound runtime authority irrespective of repo or org default,
give drift protection if the default ever widens, and are credited
per-file by the OpenSSF Scorecard Token-Permissions check.

YAML validated locally with yaml.safe_load.

Signed-off-by: Arpit Jain <arpitjain099@gmail.com>

Author: arpitjain099

.github/workflows/merge_group.yml

@@ -5,6 +5,9 @@ name: Merge Queue
 on:
   merge_group:
 
+permissions:
+  contents: read
+
 jobs:
   call-core:
     uses: ./.github/workflows/suite_core.yml

.github/workflows/pypi_build.yml

@@ -25,6 +25,9 @@ on:
 env:
   TWINE_PASSWORD: ${{ secrets.PYPI_API_KEY }}
 
+permissions:
+  contents: read
+
 jobs:
   pypi-build:
     runs-on: ubuntu-latest

.github/workflows/test_hosted.yml

@@ -7,7 +7,10 @@ on:
         description: 'SHA to test (optional)'
         required: false
         type: string
-  
+
+permissions:
+  contents: read
+
 jobs:
   explore-linux:
     runs-on: linux-x86-n2-16