docs: clarify organization settings required for permissions (#973)

These changes would have saved me some time. Maybe this will be true for
other people as well.

<!--
Thank you for proposing a pull request! Please note that SOME TESTS WILL
LIKELY FAIL due to how GitHub exposes secrets in Pull Requests from
forks.
Someone from the team will review your Pull Request and respond.

Please describe your change and any implementation details below.
-->

---------

Signed-off-by: Eric Dubé <eric.alex.dube@gmail.com>
Signed-off-by: Jeff Ching <chingor@google.com>
Co-authored-by: Jeff Ching <chingor@google.com>

Author: KernelDeimos

README.md

@@ -90,9 +90,14 @@ steps:
 `release-please` requires a GitHub token to access the GitHub API. You configure this token via
 the `token` configuration option.
 
+If your repository is in an organization, you may need to
+[permit github actions to create an approve PRs](https://stackoverflow.com/questions/72376229).
+
 > [!WARNING]  
 > If using GitHub Actions, you will need to specify a `token` for your workflows to run on
-> Release Please's releases and PRs.
+> Release Please's releases and PRs. See [the heading below](#other-actions-on-release-please-prs).
+
+### Other Actions on Release Please PRs
 
 By default, Release Please uses the built-in `GITHUB_TOKEN` secret. However, all resources created
 by `release-please` (release tag or release pull request) will not trigger future GitHub actions workflows,