The openssf [scorecard](https://scorecard.dev) is a tools that generate a code (/10) this is the follow-up to good security practice for an open source project. it's an simple workflow that run on main branch.