Open
Description
So far we had integrated the OSSF Scorecard using containers (#62), so we can run the Scorecord for any project and store the results, it is like run docker run -e GITHUB_AUTH_TOKEN=ghp_xxx --rm ghcr.io/ossf/scorecard/v5:ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4 --repo=https://github.com/org1/repo1 --show-details --format=json. But it will be interesting to see if we can also publish this information with an additional flag or similar, so the results will appear on the Oficial API.
I opened a discussion in the OSSF Slack