ci: use GitHub App token to enable automatic workflow triggering

The prepare-release workflow now uses GH_APP_TOKEN instead of
GITHUB_TOKEN to push commits and tags. This allows the tag push
to automatically trigger the release workflow without manual
intervention.

GITHUB_TOKEN cannot trigger other workflows due to GitHub's
security policy to prevent infinite workflow loops.

Added documentation in .github/GH_APP_TOKEN.md explaining the
token setup and requirements.

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

.github/workflows/prepare-release.yaml

@@ -1,5 +1,8 @@
 name: Prepare Release
 
+# Uses GitHub App token (GH_APP_TOKEN) to trigger the release workflow
+# GITHUB_TOKEN cannot trigger other workflows due to GitHub security policy
+
 on:
   workflow_dispatch:
     inputs:
@@ -24,7 +27,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GH_APP_TOKEN }}
 
       - name: Configure git
         run: |