verify-action-build: run as PR validation workflow

[raboof]

The tool requires access to significant sensitive resources: your GitHub token and Docker (which essentially means it's root). It would be awesome if we could (also) run it in GitHub Actions to check new/updated actions and provide a 'green checkbox' that reviewers can rely on.

Originally posted by @dave2wave in #561 (comment)