Copilot AI commented Jul 12, 2025

This PR completes the OpenSSF Scorecard token permissions compliance by adding missing trailing comments to job-level write permissions in GitHub workflow files.

Background

The repository already had proper root-level permissions (contents: read or read-all) for all workflow files, meeting the core OpenSSF Scorecard requirements. However, several job-level write permissions were missing the required trailing comments explaining their purpose.

Changes Made

Added trailing comments to job-level write permissions in the following workflow files:

  1. benchmark.yml: Added explanatory comments for contents: write and deployments: write permissions
  2. project_management_comment.yml: Added comment explaining issues: write permission
  3. project_management_issue_open.yml: Added comment explaining issues: write permission
  4. ossf-scorecard.yml: Converted block comments to proper trailing comments for security-events: write and id-token: write permissions

Example Changes

# Before
permissions:
  contents: write
  deployments: write

# After
permissions:
  contents: write # required for storing benchmark results
  deployments: write # required for deployment operations

Verification

  • All 13 workflow files pass the OpenSSF Scorecard permissions verification
  • All YAML files remain valid after changes
  • Changes are minimal and surgical, only adding required trailing comments
  • Root-level permissions remain unchanged as they were already compliant
  • Job-level permissions functionality is preserved with explanatory comments

The repository now fully complies with OpenSSF Scorecard token permissions requirements with proper documentation explaining the purpose of each write permission.

Fixes #73.


Copilot AI changed the title from "[WIP] Add minimum token permissions for all github workflow files" to "Add trailing comments to job-level write permissions in GitHub workflow files" Jul 12, 2025
Copilot AI requested a review from trask July 12, 2025 20:36
Copilot finished work on behalf of trask July 12, 2025 20:36
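
An added example, not part of this PR or the repository's code: a line-based audit of the convention the description above relies on, namely a root-level permissions block with no write scopes and a trailing comment on every job-level write permission. The function name, the finding messages and the sample workflow are assumptions constructed for illustration; a line scan is used because YAML parsers discard comments.

```python
import re

# Constructed sample workflow (not taken from the repository in this PR).
SAMPLE = """\
name: benchmark
permissions:
  contents: read
jobs:
  bench:
    permissions:
      contents: write # required for storing benchmark results
      deployments: write
    runs-on: ubuntu-latest
  triage:
    permissions: write-all
"""

PERM_KEY = re.compile(r"^(\s*)permissions:\s*(.*)$")
ENTRY = re.compile(r"^\s*([\w-]+):\s*(\w+)\s*(#\s*\S.*)?$")

def audit_permissions(text):
    """Return (line_no, message) findings for one workflow file's text."""
    findings, block_indent, root_seen = [], None, False
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        # Lines indented deeper than an open "permissions:" key are its entries.
        if block_indent is not None and indent > block_indent:
            m = ENTRY.match(line)
            if m and m.group(2) == "write":
                if block_indent == 0:
                    findings.append((no, f"root-level write: {m.group(1)}"))
                elif not m.group(3):
                    findings.append((no, f"uncommented write: {m.group(1)}"))
            continue
        block_indent = None
        m = PERM_KEY.match(line)
        if not m:
            continue
        level, value = len(m.group(1)), m.group(2).split("#")[0].strip()
        root_seen = root_seen or level == 0
        if value == "write-all":
            findings.append((no, "write-all shorthand"))
        elif value == "":
            block_indent = level  # mapping form: entries follow on later lines
    if not root_seen:
        findings.append((0, "no root-level permissions block"))
    return findings
```

Run over each file in `.github/workflows/`, an empty result means the file follows the convention; the scan does not handle flow-style mappings such as `permissions: {contents: write}`.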