Pin eps1lon/actions-label-merge-conflict to v3.1.0 (0273be7) and add a
top-level permissions: {} so the workflow defaults to no permissions and the
job grants only contents:read and pull-requests:write.

From the workflow security audit:
- symlink-native-dirs.js: drop the execSync shell strings for fs.symlink/mkdir
  (removes a latent shell-injection surface; also clears dead commented code).
- automerge.sh: add 'set -euo pipefail' and restore the starting branch on exit
  so a mid-merge failure can't leave the repo on the wrong branch.
- conflict.yml: document that this pull_request_target workflow must never check
  out or run PR-head code (it only labels via the API today).
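
The symlink-native-dirs.js item above, as an added sketch that is not the commit's own code: creating the directory and the link through `fs` calls means path strings are passed as arguments and never parsed by a shell. The function name `linkNativeDir`, the `demo` helper and all directory names are hypothetical and constructed for illustration.

```javascript
// Added illustration; linkNativeDir, demo and every path below are hypothetical.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Create `linkPath` as a directory symlink to `target`, creating parents first.
// Both paths reach the filesystem API as plain arguments, so characters such
// as `;`, `$()`, `#` or spaces are treated as part of the name, not as syntax.
function linkNativeDir(target, linkPath) {
  fs.mkdirSync(path.dirname(linkPath), { recursive: true });
  try {
    const stat = fs.lstatSync(linkPath);
    if (!stat.isSymbolicLink()) {
      // Never delete a real file or directory that happens to be in the way.
      throw new Error(`refusing to replace non-symlink: ${linkPath}`);
    }
    if (fs.readlinkSync(linkPath) === target) return 'unchanged';
    fs.unlinkSync(linkPath); // stale link pointing elsewhere
  } catch (err) {
    if (err.code !== 'ENOENT') throw err; // ENOENT just means nothing to replace
  }
  fs.symlinkSync(target, linkPath, 'dir');
  return 'linked';
}

// Constructed sample: names full of shell metacharacters inside a temp dir.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'symlink-demo-'));
  const target = path.join(root, 'native; touch INJECTED #');
  const linkPath = path.join(root, 'apps', 'my app $(id)', 'ios');
  fs.mkdirSync(target);
  fs.writeFileSync(path.join(target, 'marker.txt'), 'ok');

  const first = linkNativeDir(target, linkPath);
  const second = linkNativeDir(target, linkPath); // idempotent re-run
  const viaLink = fs.readFileSync(path.join(linkPath, 'marker.txt'), 'utf8');
  const entries = fs.readdirSync(root).sort();

  fs.rmSync(root, { recursive: true, force: true });
  return { first, second, viaLink, entries };
}
```
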