Documentation: Specify the required OAuth scope for the access-token

[jasonleenaylor]

It would be nice to document what scope is needed for the access-token so consumers of the action can generate one with just what is needed.

[jasonleenaylor]

I withdraw my stupid question. I wasn't aware of the fact that Github automatically created the GITHUB_TOKEN that is used in the example and thought it was a placeholder for a secret that I needed to add.