New check suggestion: Fork; is the repository a fork?

[andrelmbackman]

Is your feature request related to a problem? Please describe. It would be nice to have the scorecard evaluate whether or not the repository is a fork, if it has a parent etc. The security risk is that the project can be forked to a very similar name of the original and malicious code can be added(also called typosquatting).

Describe the solution you'd like I would simply add a check called Fork which scores high if the repository is not a fork and low if it is. Go-github has a Fork boolean in one of its structs as well as Parent and Source pointers, these would be utilized.

Describe alternatives you've considered Adding this functionality to the Client. That way it could be implemented in a probe, instead of making a completely new check.