Consider increasing openssf score (currently 3.4 out of 10)

[nitrocode]

https://scorecard.dev/viewer/?uri=github.com/thollander/actions-comment-pull-request

https://app.stepsecurity.io/?repo=https://github.com/thollander/actions-comment-pull-request

This will increase the repo settings, actions, and code base's security posture

This is to avoid an issue like what happened to the recent tj-actions incident