ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0

Installation fails #708

Closed neonlyis closed 2 years ago

neonlyis commented 2 years ago

Hello, I created a centos 7 minimal virtual machine, installed docker, and ran: docker run -e GITHUB_AUTH_TOKEN=my token gcr.io/openssf/scorecard:latest --show-details --repo=https://github.com/ossf/scorecard

Then I got those errors:

-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 0 Branch-Protection error, retrying: unable to run check, retry: GET https://api.github.com/repos/ossf/scorecard/branches/main/protection: 404 Not Found []
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 10 CII-Best-Practices no badge found
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 10 Fuzzing
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 10 Packaging !! not a packaging workflow:
.github/workflows/codeql-analysis.yml
!! not a packaging workflow:
.github/workflows/goreleaser.yaml
!! not a packaging workflow:
.github/workflows/integration.yml
!! not a packaging workflow:
.github/workflows/main.yml
!! not a packaging workflow:
.github/workflows/ok-to-test.yml
!! not a packaging workflow:
.github/workflows/stale.yml
!! not a packaging workflow:
.github/workflows/verify.yml
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 3 Signed-Releases release found: v2.0.0 signed release artifact
found: scorecard_2.0.0_checksums.txt.sig, url:
https://api.github.com/repos/ossf/scorecard/releases/assets/39433151
release found: v1.2.0 signed release artifact
found: scorecard_1.2.0_checksums.txt.sig, url:
https://api.github.com/repos/ossf/scorecard/releases/assets/33614699
release found: v1.1.1 signed release artifact
found: scorecard_1.1.1_checksums.txt.sig, url:
https://api.github.com/repos/ossf/scorecard/releases/assets/32226313
release found: v1.1.0 !! release v1.1.0 has no signed artifacts
found signed artifacts for 3 out of 4 releases
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 4 Signed-Tags !! unable to find the annotated commit:
87997ffb5724cb479223a08a2890c60b0ea4bfbd
!! unverified tag found: v1.1.0, commit:
f2c633854602cf0c8f33164a169fb0a8454bee01,
reason: unsigned verified
tag found: v1.1.1, commit:
c12de481b2bb26de41f81e905036c6ec4fe739b8
verified tag found: v1.2.0, commit:
30f1eb3da2267135b51fc28c3dfeb0460e2584cb
verified tag found: v2.0.0, commit:
bcbe2731d52761e97f40efe740c4ed01cbb48655
found 3 out of 5 verified tags
-------- ------------ ----------------------------- -------------------------------------------------------------------------
Fail 10 Token-Permissions !! token-permissions/github-token
- no permission defined in
.github/workflows/codeql-analysis.yml
!! token-permissions/github-token
- no permission defined in
.github/workflows/goreleaser.yaml
!! token-permissions/github-token
- no permission defined in
.github/workflows/integration.yml
!! token-permissions/github-token
- no permission defined in
.github/workflows/main.yml
!! token-permissions/github-token
- pull-requests permission
set to 'write' in
.github/workflows/ok-to-test.yml
!! token-permissions/github-token
- no permission defined in
.github/workflows/stale.yml
!! token-permissions/github-token
- no permission defined in
.github/workflows/verify.yml
-------- ------------ ----------------------------- -------------------------------------------------------------------------

I can't seem to understand what the problem is and where I went wrong. I'm running it on a clean virtual machine with a clean Docker installation. If I could get some help, that would be much appreciated, thanks!

naveensrinivasan commented 2 years ago

The installation is not an issue. It is working as designed. The writeup for these failures is https://github.com/ossf/scorecard/blob/main/checks/checks.md
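The Token-Permissions findings in the report above ("no permission defined in" a workflow, or a scope such as pull-requests "set to 'write'") are the kind a repository owner can check for locally before fixing their workflows. The following is an added Python example, not scorecard's own code, that approximates the top-level part of that check over constructed sample workflows (the file names and contents are made up, not the ossf/scorecard files named in the report).

```python
import re
from typing import List

# Constructed sample workflows (not the ossf/scorecard files named in the
# issue): no permissions block, pull-requests write, and read-only default.
WORKFLOWS = {
    "no-permissions.yml": "on: [push]\njobs:\n  build:\n    runs-on: ubuntu-latest\n",
    "pr-write.yml": (
        "on: [issue_comment]\n"
        "permissions:\n  contents: read\n  pull-requests: write\n"
        "jobs:\n  trigger:\n    runs-on: ubuntu-latest\n"
    ),
    "read-only.yml": "on: [pull_request]\npermissions: read-all\njobs:\n  v:\n    runs-on: ubuntu-latest\n",
}

TOP_LEVEL = re.compile(r"^permissions:\s*(.*?)\s*$")  # column-0 key, optional shorthand
SCOPE = re.compile(r"^\s+([\w-]+):\s*([\w-]+)\s*$")   # indented "scope: level" entry


def check_token_permissions(name: str, text: str) -> List[str]:
    """Return one finding per problem (empty list = pass); top-level key only."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = TOP_LEVEL.match(line)
        if not m:
            continue
        shorthand = m.group(1)  # e.g. "read-all", "write-all" or "{}"
        if shorthand:
            if shorthand in ("read-all", "{}"):
                return []
            return [f"top-level permissions set to '{shorthand}' in {name}"]
        findings = []
        for sub in lines[i + 1:]:
            s = SCOPE.match(sub)
            if not s:
                break  # back at column 0: the permissions mapping has ended
            scope, level = s.groups()
            if level == "write":
                findings.append(f"{scope} permission set to 'write' in {name}")
        return findings
    # No top-level permissions key at all: the token gets the repo default.
    return [f"no permission defined in {name}"]


def audit(workflows=WORKFLOWS) -> List[str]:
    """Run the check over every workflow and collect all findings."""
    return [f for n, t in workflows.items() for f in check_token_permissions(n, t)]
```

The real check also inspects job-level `permissions:` blocks, which this simplified version does not.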