fix: add proper permissions for slither-action operation

.github/workflows/branch-main.yml

@@ -9,6 +9,7 @@ permissions:
   id-token: write
   deployments: write
   checks: write
+  security-events: write
 
 # The following concurrency group queus in-progress jobs
 concurrency:

.github/workflows/pull-request.yml

@@ -8,6 +8,7 @@ permissions:
   id-token: write
   deployments: write
   checks: write
+  security-events: write
 
 # The following concurrency group cancels in-progress jobs or runs on pull_request events only
 # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value

.github/workflows/reusable-build-and-test.yml

@@ -11,6 +11,7 @@ on:
 permissions:
   contents: read
   id-token: write
+  security-events: write
 
 jobs:
   contracts-tests:
@@ -48,14 +49,25 @@ jobs:
 
       - name: Create coverage report
         run: bun run cover
-
+
+  contracts-static-analysis:
+    name: '[contracts] Run static analysis with `slither`'
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
       - name: Make static analysis of contracts
         uses: crytic/[email protected]
         id: slither
         with:
           target: contracts
           sarif: results.sarif
           fail-on: none
+
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v3
         with: