Remove dangerous-permissions-write feature flag suggestion from compiler errors

[Copilot]

The compiler was suggesting users enable the dangerous-permissions-write feature flag when write permissions were detected, undermining the security-first design.

Changes

Error message simplification

• Removed "Option 2" suggesting the dangerous feature flag
• Changed from conditional "Write permissions are not allowed unless..." to unconditional "Write permissions are not allowed."
• Retained only the safe fix: convert write to read permissions

Documentation updates

• Removed two-option approach from permissions reference
• Eliminated feature flag enablement guidance
• Focused migration path on automated codemod and safe outputs

Test updates

• Modified validation tests to assert dangerous flag is NOT mentioned
• Added explicit dangerous-permissions-write: true to 15+ test workflows that genuinely require write permissions for their test scenarios

Before

Write permissions are not allowed unless the 'dangerous-permissions-write' feature flag is enabled.

Found write permissions:
  - contents: write

To fix this issue, you have two options:

Option 1: Change write permissions to read:
permissions:
  contents: read

Option 2: Enable the feature flag (use with caution):
features:
  dangerous-permissions-write: true

After

Write permissions are not allowed.

Found write permissions:
  - contents: write

To fix this issue, change write permissions to read:
permissions:
  contents: read

Original prompt

The compiler should never suggest to use the dangerous-permissions-write feature flag when a user tries to use a write permission

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.