Add workflow-level permissions for Claude Code actions

The Claude Code GitHub Action requires id-token: write permission to
authenticate via OIDC. While the permissions were set at the job level,
GitHub Actions requires them at the workflow level for proper OIDC token
generation.

This commit adds workflow-level permissions to both claude.yml and
claude-code-review.yml to fix the OIDC authentication error:
"Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable"

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: justin808

.github/workflows/claude-code-review.yml

@@ -10,6 +10,12 @@ on:
     #   - "src/**/*.js"
     #   - "src/**/*.jsx"
 
+permissions:
+  contents: read
+  pull-requests: read
+  issues: read
+  id-token: write
+
 jobs:
   claude-review:
     # Optional: Filter by PR author

.github/workflows/claude.yml

@@ -10,6 +10,13 @@ on:
   pull_request_review:
     types: [submitted]
 
+permissions:
+  contents: read
+  pull-requests: read
+  issues: read
+  id-token: write
+  actions: read
+
 jobs:
   claude:
     if: |