fix: stable sync secret

[Qbandev]

Fix: Add missing secret declaration to stable-sync workflow

What is the current state and why does it need to change?

The stable-sync.yml reusable workflow is failing validation when called from other workflows (e.g., metamask-extension's stable-branch-sync.yml)
The workflow uses a GitHub token internally for creating pull requests but doesn't declare that it accepts this secret when called via workflow_call, causing validation failures in caller workflows.

What is the solution?

This PR adds the missing secrets section to the workflow_call trigger, explicitly declaring that the workflow accepts a github-token secret. The changes include:

• Added secrets.github-token declaration to the workflow_call trigger (required: true)
• Updated the internal reference from ${{ secrets.GITHUB_TOKEN }} to ${{ secrets.github-token }} for consistency
• Made the secret required since PR creation will fail without it

Related Issues

• Fixes workflow validation errors in repositories using this shared workflow
• Enables proper secret passing from caller workflows like metamask-extension/.github/workflows/stable-branch-sync.yml

[Copilot]

Pull Request Overview

This PR fixes a validation error in the stable-sync.yml reusable workflow by properly declaring the GitHub token secret that the workflow requires for creating pull requests.

• Adds missing secrets declaration to the workflow_call trigger
• Updates internal token reference to use the declared secret parameter
• Makes the secret required since PR creation functionality depends on it

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}