Feature: Add a Tag protection check to encourage stronger access control across releases

[inferno-chromium]

Is your feature request related to a problem? Please describe.
Right now, a write/maintain role contributor can delete existing releases and replace with releases pointing to older, vulnerable commits. Read why - https://medium.com/boostsecurity/slsa-dip-source-of-the-problem-a1dac46a976. Have your release tags protected - https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules

Describe the solution you'd like
Maybe a check that encourages adding atleast one tag protection rule on existing releases. Ideally a "*" would be nice, so only admins can have those perms to replace/delete releases.

Describe alternatives you've considered
None

Additional context
None

[varunsh-coder]

I believe this was also mentioned in @mbarbero's blog post
https://mikael.barbero.tech/blog/post/eclipsefdn-scorecard-aug2022/

Also, release tags should be protected as well to prevent compromised contributors to change tags to some commit with malicious code. Note that tags protection is not currently checked by scorecard.