api: Update NSM state on CNCF landscape

[NikitaSkrynnik]

Decomposition

Documentation

• Contributing - add a file contributing: https://clomonitor.io/docs/topics/checks/#contributing
• Maintainers - add a file maintainers: https://clomonitor.io/docs/topics/checks/#maintainers

License

• License scanning - add a link in README.md: https://clomonitor.io/docs/topics/checks/#license-scanning

Best Practices

• Artifact Hub badge - add a link to artifacthub.io in README.md and probably update NSM state on artifacthub.io: https://clomonitor.io/docs/topics/checks/#artifact-hub-badge
• OpenSSF best practices badge - add a link to OpenSSF best practice in README.md: https://clomonitor.io/docs/topics/checks/#openssf-best-practices-badge
• OpenSSF Scorecard badge - add OpenSSF Scorecard badge and probably add OpenSSF GitHub Action: https://clomonitor.io/docs/topics/checks/#openssf-scorecard-badge

Security

• Dependencies policy - ?
• Dependency update tool - use dependabot or renovatebot to update dependencies in the repo: https://clomonitor.io/docs/topics/checks/#dependency-update-tool-from-openssf-scorecard
• Maintained - actively maintain the repo: https://clomonitor.io/docs/topics/checks/#maintained-from-openssf-scorecard
• Software bill of materials - ?
• Security insights - add a file SECURITY-INSIGHTS.yml: https://clomonitor.io/docs/topics/checks/#security-insights (spec: https://github.com/ossf/security-insights-spec/blob/v1.0.0/specification.md)
• Security policy - add a file "security: https://clomonitor.io/docs/topics/checks/#security-policy
• Signed releases - cryptographically sign release artifacts: https://github.com/ossf/scorecard/blob/main/docs/checks.md#signed-releases
• Token permissions - all GitHub workflow tokens should be read-only: https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions