Improves the automated submodule update PRs by making the build result
visible directly in the PR body, since github-actions[bot]-created PRs
cannot trigger pull_request events and therefore cannot produce native
PR checks.

Changes

update-submodule.yaml

• Add actions: write permission so GITHUB_TOKEN can call createWorkflowDispatch
• Add test results table to the PR body with ⏳ pending placeholder

update-pr-build-status.yaml (new)

• Listens for Test build workflow runs to complete via workflow_run
• Only updates PRs for bot-created submodule update branches (chore/update-*
  triggered via workflow_dispatch) — skips human PRs to avoid unintended updates
• Replaces the ⏳ pending placeholder with the actual result (✅/❌) and
  a direct link to the run so reviewers can inspect the build logs

Why not a native PR check?

GitHub suppresses pull_request events for github-actions[bot] authors to
prevent infinite loops. pull_request_target is also suppressed for bot authors.
The Checks API requires a GitHub App token — GITHUB_TOKEN is not accepted.
workflow_dispatch runs do not appear as PR checks regardless of permissions.
This PR body approach is the best achievable result without a GitHub App or PAT.