docs/data/reusables/actions/github-token-permissions.md

The GITHUB_TOKEN secret is set to an access token for the repository each time a job in a workflow begins. You should set the permissions for this access token in the workflow file to grant read access for the contents permission and write access for the packages permission. For more information, see "AUTOTITLE."