Ensure the GitHub action created by Github has restrictions

GitHub action permissions are restricted with allowed_actions set to selected, and others will implement a whitelist security policy also for actions created by Github