Tidelift provides a GitHub action to analyze your manifests, and ensure that all package releases have been evaluated against your organization's standards.
To use this action, you can follow the instructions in the repo to set up a yaml file to run the action.
Note that for each repository that you want to install the action in, you will need to set up an API key in Tidelift, and store the API key in the secrets section for that repo.