ci(unity-tests): harden pull_request_target and gate artifact upload

Address CodeRabbit security review on #1103:

- persist-credentials: false on the checkout step, so GITHUB_TOKEN is
  not written to disk and cannot be read by subsequent steps running
  PR-controlled code.
- Explicit permissions: contents: read on the testAllModes job, scoping
  the workflow's token down from the default read/write set.
- Skip upload-artifact when the main test step was skipped (e.g.,
  because the preceding domain-reload step failed without
  continue-on-error). Avoids the noisy "No files were found" error
  on top of an already-failed run.

The label-gated trigger plus these mitigations narrow the blast radius
of the pull_request_target + checkout-PR-head pattern. The remaining
trust boundary is the maintainer review before applying safe-to-test;
documenting the review checklist (especially TestProjects/UnityMCPTests
diffs) is a follow-up.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: dsarno

.github/workflows/unity-tests.yml

@@ -31,6 +31,8 @@ jobs:
   testAllModes:
     name: Test in ${{ matrix.testMode }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     if: >
       github.event_name != 'pull_request_target' ||
       (github.event.pull_request.head.repo.full_name != github.repository &&
@@ -50,6 +52,7 @@ jobs:
         with:
           lfs: true
           ref: ${{ inputs.ref || github.event.pull_request.head.sha || github.ref }}
+          persist-credentials: false
 
       - name: Detect Unity license secrets
         id: detect
@@ -130,7 +133,7 @@ jobs:
           fi
 
       - uses: actions/upload-artifact@v4
-        if: always() && steps.detect.outputs.unity_ok == 'true'
+        if: always() && steps.detect.outputs.unity_ok == 'true' && steps.tests.outcome != 'skipped'
         with:
           name: Test results for ${{ matrix.testMode }}
           path: ${{ steps.tests.outputs.artifactsPath }}