Add runCognium.sh script for OWASP Benchmark scoring

Adds a script to scan BenchmarkJava with Cognium and produce a SARIF
result file compatible with the BenchmarkUtils Cognium reader.

Install: npm install -g cognium

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: 2 people

scripts/runCognium.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+# Install: npm install -g cognium
+# Check for install/updates at https://github.com/cogniumhq/cognium
+
+source scripts/requireCommand.sh
+
+requireCommand cognium
+
+benchmark_version=$(scripts/getBenchmarkVersion.sh)
+cognium_version=$(cognium --version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+')
+result_file="results/Benchmark_$benchmark_version-cognium-v$cognium_version.sarif"
+
+cognium scan src/main/java --format sarif --category security --output "$result_file"