filestash logo

filestash

#1728 · by mickael-kerjean
agenttool-usemulti-step
2.99/ 5.00
cautionBeta
Score capped to 2.99 (raw score: 3.10) — critical/high CVE with patch available but not yet applied to the latest release. Status held at caution until update is applied.
Mar 5, 2026 at 8:06 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

1 of 3 sub-signals with data

Known CVEs100%4.3

2 CVE(s) found — 2 unpatched

via OSV.dev

Dependency Healthno data

Weight redistributed to sub-signals with data

Supply Chainno data

Weight redistributed to sub-signals with data

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 9 checks

via Health checks

Response Latency25%5.0

p99: 153ms, p50: 121ms

via Health checks

Error Rate20%1.0

44.44% error rate (4/9)

via Health checks

Incident History20%3.0

2 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%2.0

via GitHub

Issue Response20%1.0

via GitHub

CI/CD Presence25%2.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

1 of 4 sub-signals with data

Download Volumeno data

Weight redistributed to sub-signals with data

GitHub Stars100%5.0

13,702 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trendno data

Weight redistributed to sub-signals with data

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%4.0

Public repo with copyleft license (agpl-3.0)

via GitHub

Documentation25%4.0

Good README (>2000 bytes with examples)

via GitHub

Security Policy20%2.0

No SECURITY.md found

via GitHub

Changelog25%2.0

No CHANGELOG.md and no releases found

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%3.5

Internal: 1.0 (0 services), External: 3.5 (219 followers, 14056 stars)

via Fabric index

Org Maturity30%5.0

User account, 10.7 years old

via GitHub

Community Standing20%4.0

87 public repositories

via GitHub

Cross-Platform20%1.0

Present on 1 platform(s): github

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

Remote Storage Access: SFTP, S3, FTP, SMB, NFS, WebDAV, GIT, FTPS, gcloud, azure blob, sharepoint, etc.

Package Availability (30d)
100.00%
p50: 121ms · p99: 153ms
Avg Latency
81ms
averaged across 30d health checks
Weekly Downloads
no package registry data
Transparency & Compliance3/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseLicensed under AGPL-3.0
DocumentationREADME with examples/code blocks
SECURITY.mdNo security policy found
API DocumentationNo API documentation detected
Incidents & Alertslast 90 days
Feb 26Trust score increased by 1.113.63
Feb 24filestash added to Trust Index2.52
Showing 2 of 2 events
Score History9 snapshots
5.003.752.501.250.00
Feb 24Mar 5
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card