driftdetect logo

driftdetect

#698 · by dadbodgeoff
infraserverlessGPU
3.28/ 5.00
trustedBeta
Mar 3, 2026 at 7:21 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

13 dependencies (minimal)

via npm / PyPI

Supply Chain30%5.0

Supply chain analyzed, no transitive CVEs

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 4 checks

via Health checks

Response Latency25%5.0

p99: 196ms, p50: 173ms

via Health checks

Error Rate20%5.0

0.00% error rate (0/4)

via Health checks

Incident History20%4.0

1 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%4.0

via GitHub

Release Cadence25%2.0

via GitHub

Issue Response20%4.0

via GitHub

CI/CD Presence25%2.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

3 of 4 sub-signals with data

Download Volume43%1.0

88 weekly downloads

via npm / PyPI

GitHub Stars36%2.0

755 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trend21%1.0

-73.1% week-over-week

via npm

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%2.0

Public repo but no license detected

via GitHub

Documentation25%2.0

Minimal README (407 bytes)

via GitHub

Security Policy20%2.0

No SECURITY.md found

via GitHub

Changelog25%2.0

No CHANGELOG.md and no releases found

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%2.0

Internal: 2.0 (1 services), External: 1.5 (7 followers, 771 stars)

via Fabric index

Org Maturity30%2.0

User account, 0.7 years old

via GitHub

Community Standing20%3.0

10 public repositories

via GitHub

Cross-Platform20%3.0

Present on 2 platform(s): github, npm

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

Codebase pattern detection for AI agents - scans your code, learns conventions, feeds context to Claude/Cursor/Copilot via MCP. Static analysis for TypeScript, Python, C#, Java, PHP.

Package Availability (30d)
100.00%
p50: 173ms · p99: 196ms
Avg Latency
143ms
averaged across 30d health checks
Weekly Downloads
88-73%
npm weekly
Transparency & Compliance1/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseNo recognized open-source license
DocumentationREADME missing or lacks examples
SECURITY.mdNo security policy found
API DocumentationNo API documentation detected
Incidents & Alertslast 90 days
Feb 21driftdetect added to Trust Index2.54
Showing 1 of 1 events
Score History7 snapshots
5.003.752.501.250.00
Feb 21Mar 1
Community & Ecosystemadoption signals
88
Weekly Downloads
npm
Supply Chain & Dependenciestrust chain
@inquirer/prompts
npm · ^7.0.0
chalk
npm · ^5.3.0 · 1 CVE1L
cli-progress
npm · ^3.12.0
cli-table3
npm · ^0.6.5
commander
npm · ^12.1.0
driftdetect-core
npm · 0.9.47
Showing 6 of 13 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card