📝 Documentation: Exactly which granular token permissions are necessary?

[JoshuaKGoldberg]

Bug Report Checklist

• I have pulled the latest main branch of the repository.
• I have searched for related issues and found none that matched my issue.

Overview

Right now, the docs generally phrase the GitHub Personal Access Token ("PAT") required for the repository's ACCESS_TOKEN secret as needing "repo and workflow permissions". That terminology adheres to the classic PATs that I've been using.

But, GitHub now has "fine-grained" PAT support in beta. The docs should mention exactly which fine-grained token permissions are necessary (if they actually work in this template yet).

Additional Info

Mentioned by @KATT as working in https://github.com/KATT/tupleson, I hope.

[KATT]

& the contributors action seems to need different scopes (or might not work with the fine grained token - I ended up removing it)