✨ Add aggregated score

[laurentsimon]

• Please check if the PR fulfills these requirements

• Tests for the changes have been added (for bug fixes / features)
• PR title follows the guidelines defined in https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md#pr-process

• What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
  feature

• What is the current behavior? (You can also link to an open issue here)
  see Need an aggregate risk score, ideally configurable (need for 3.0) #1040

• What is the new behavior (if this is a feature change)?
  see Need an aggregate risk score, ideally configurable (need for 3.0) #1040

• Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
  no

• Other information:
  close Need an aggregate risk score, ideally configurable (need for 3.0) #1040

I am hesitant to make this parameterized right now because it will add a command we need to support/maintain. Once we've decided how to use config files, we can tackle it.

Please comment on how weights should be set.

Note: I re-run make generate-docs, which picked up David's changes from the YAML file not yet committed to the .md.

[laurentsimon]

@olivekl can you update your readme PR with some info on the aggregate score?

1. Update the run example output
2. Give a short sentence about it. The weights for calculating the aggregate scores are defined in https://github.com/ossf/scorecard/pull/1046/files#diff-9359395c0ce37bd4ecafda90038687c68381446dd8ed1c93674d9401faa7e494R98
   The risk information is taken from the yaml config file.
   Note that we currently do not have checks with risk set to Critical.