diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
new file mode 100644
index 00000000..dce1d6ea
--- /dev/null
+++ b/.github/workflows/scorecard.yml
@@ -0,0 +1,36 @@
+name: OpenSSF Scorecard
+"on":
+ schedule:
+ - cron: 31 2 * * 1
+ push:
+ branches:
+ - master
+permissions: read-all
+jobs:
+ analysis:
+ name: Scorecard analysis
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+ id-token: write
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3.1.0
+ with:
+ persist-credentials: false
+ - name: Run analysis
+ uses: ossf/scorecard-action@v2.1.2
+ with:
+ results_file: results.sarif
+ results_format: sarif
+ publish_results: true
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3.1.0
+ with:
+ name: SARIF file
+ path: results.sarif
+ retention-days: 5
+ - name: Upload to code-scanning
+ uses: github/codeql-action/upload-sarif@v2.2.4
+ with:
+ sarif_file: results.sarif
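Review bot: All four `uses:` lines reference actions by mutable tag (`actions/checkout@v3.1.0`, `ossf/scorecard-action@v2.1.2`, `actions/upload-artifact@v3.1.0`, `github/codeql-action/upload-sarif@v2.2.4`) in a job that holds `id-token: write` and `security-events: write`. A tag can be repointed by whoever controls the action's repository, so the code running with those scopes is not fixed by this file. Pin each one to a full commit SHA and keep the version as a trailing comment, e.g. `uses: ossf/scorecard-action@<full-commit-sha> # v2.1.2`. Separately, the job-level `permissions` block replaces the workflow-level `read-all` for this job, so any scope not listed there becomes none. If the repository is private, the checkout step would likely need `contents: read` added there.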
diff --git a/README.md b/README.md
index af0032b0..2b697558 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,9 @@
+
+
+