The workflow is not valid. .github/workflows/security.yml (Line: 8, Col: 3): Error calling workflow 'chrisns/.github/.github/workflows/security-scan.yml@main'. The nested job 'CodeQL' is requesting 'actions: read, security-events: write', but is only allowed 'actions: none, security-events: none'.