diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml
new file mode 100644
index 00000000..6ec56657
--- /dev/null
+++ b/.github/workflows/ossf-scorecard.yml
@@ -0,0 +1,18 @@
+name: OpenSSF Scorecard
+on:
+    push:
+        branches: [main]
+    schedule:
+        - cron: '30 4 * * 1'
+    workflow_dispatch:
+
+permissions: read-all
+
+jobs:
+    scorecard:
+        uses: platform-mesh/.github/.github/workflows/job-ossf-scorecard.yml@main
+        permissions:
+            security-events: write
+            id-token: write
+            contents: read
+            actions: read
diff --git a/README.md b/README.md
index eaa71a8f..1011f783 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@
 # Platform Mesh Website
 
+[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/platform-mesh/platform-mesh.github.io/badge)](https://scorecard.dev/viewer/?uri=github.com/platform-mesh/platform-mesh.github.io)
+
 This is the repository backing the website of the Platform Mesh project.
 
 ## Contributing