catboost logo

catboost

#1724 · by CatBoost Developers
infraserverlessGPU
2.99/ 5.00
cautionBeta
Score capped to 2.99 (raw score: 3.89) due to insufficient data in one or more signals. The composite is held at caution level until all signals can be fully evaluated.
Mar 4, 2026 at 11:29 PM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

10 dependencies (minimal)

via npm / PyPI

Supply Chain30%4.8

37 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 7 checks

via Health checks

Response Latency25%5.0

p99: 85ms, p50: 28ms

via Health checks

Error Rate20%5.0

0.00% error rate (0/7)

via Health checks

Incident History20%2.0

4 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%4.0

via GitHub

Issue Response20%4.0

via GitHub

CI/CD Presence25%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

2 of 4 sub-signals with data

Download Volume55%4.5

1,266,564 weekly downloads

via npm / PyPI

GitHub Stars45%4.0

8,824 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trendno data

Weight redistributed to sub-signals with data

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%5.0

Public repo with OSI-approved license (apache-2.0)

via GitHub

Documentation25%4.0

Thorough README (>5000 bytes)

via GitHub

Security Policy20%5.0

SECURITY.md present

via GitHub

Changelog25%4.0

Releases exist but no CHANGELOG.md

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%0.0

via Fabric index

Org Maturity30%0.0

via GitHub

Community Standing20%0.0

via GitHub

Cross-Platform20%0.0

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

Yandex's gradient boosting library with built-in handling of categorical features, GPU training, and strong out-of-the-box performance on structured data.

Package Availability (30d)
100.00%
p50: 28ms · p99: 85ms
Avg Latency
36ms
averaged across 30d health checks
Weekly Downloads
1.3M
PyPI weekly
Transparency & Compliance4/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseLicensed under APACHE-2.0
DocumentationREADME with examples/code blocks
SECURITY.mdSecurity policy published
API DocumentationNo API documentation detected
Incidents & Alertslast 90 days
Mar 4Trust score decreased by 1.472.99
Mar 1Trust score increased by 1.244.48
Mar 1Trust score decreased by 1.233.24
Feb 24Trust score increased by 1.914.43
Feb 22catboost added to Trust Index3.40
Showing 5 of 5 events
Score History90 snapshots
5.003.752.501.250.00
Feb 22Feb 26
Community & Ecosystemadoption signals
1.3M
Weekly Downloads
PyPI
10
Releases
on GitHub
Supply Chain & Dependenciestrust chain
graphviz
pypi · *
ipython
pypi · * · 16 CVEs9L3H3M1C
ipywidgets
pypi · <9.0,>=7.0; extra == "widget"
matplotlib
pypi · *
numpy
pypi · <3.0,>=1.16.0 · 16 CVEs8L4H3M1C
pandas
pypi · <4.0,>=0.24 · 1 CVE1L
Showing 6 of 10 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version Historyscore per release
VERSIONRELEASEDSCOREDELTA
node-package-v1.27.0Feb 21, 20263.40
v1.2.10Feb 19, 2026
v1.2.9Feb 18, 2026
v1.2.8Apr 13, 2025
node-package-v1.26.0Dec 7, 2024
v1.2.7Sep 7, 2024
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card