add: baseline level 1 profile

profiles/github/security_baseline_1.yaml

@@ -0,0 +1,41 @@
+version: v1
+type: profile
+name: security_baseline_1
+display_name: Security Baseline 1
+context:
+  provider: github
+alert: "off"
+remediate: "off"
+repository:
+  # OSPS-AC-03 and OSPS-AC-04: Branch protection
+  - type: branch_protection_enabled
+    params:
+      branch: "main"
+    def: {}
+  - type: branch_protection_require_pull_requests
+    params:
+      branch: "main"
+    def:
+      required_pull_request_reviews: true
+
+  # OSPS-DO-02: Enforce CONTRIBUTING file presence
+  - type: enforce_file
+    def:
+      file: "CONTRIBUTING.md"
+      content: ""
+    params: {}
+
+  # OSPS-LE-03: Enforce license file
+  - type: enforce_file
+    def:
+      file: "LICENSE"
+      content: ""
+    params: {}
+
+  # OSPS-LE-02: Ensure OSI/FSF approved license
+  - type: permissive_license
+    def: {}
+
+  # OSPS-QA-01: Repository visibility check
+  - type: source_code_is_public
+    def: {}