Locks down permissions to the job level with least privledge we can get away with

.github/workflows/pr-bot.yml

@@ -2,13 +2,15 @@ name: PR Bot
 on:
   pull_request_target:
     types: [opened]
-permissions:
-  contents: read
-  pull-requests: write
+permissions: {}
 jobs:
   pr-bot:
     name: Automated PR Bot
     runs-on: ubuntu-latest
+    permissions:
+      # labeler reads file paths; all steps add labels or post comments on PRs
+      contents: read
+      pull-requests: write
     steps:
       - name: Label PR by file path or branch name
         # see .github/labeler.yml for the labeler config