Mastra logo

Mastra

#118 · by GitHub Actions
framework
4.10/ 5.00
trustedBeta
Mar 5, 2026 at 7:04 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

19 dependencies (minimal)

via npm / PyPI

Supply Chain30%4.8

14 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%2.0

91.67% over 12 checks

via Health checks

Response Latency25%4.0

p99: 235ms, p50: 90ms

via Health checks

Error Rate20%2.0

8.33% error rate (1/12)

via Health checks

Incident History20%3.0

2 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%5.0

via GitHub

Issue Response20%4.0

via GitHub

CI/CD Presence25%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

3 of 4 sub-signals with data

Download Volume43%4.0

224,679 weekly downloads

via npm / PyPI

GitHub Stars36%5.0

21,703 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trend21%2.0

-15.0% week-over-week

via npm

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%3.0

Public repo with non-OSI license (noassertion)

via GitHub

Documentation25%5.0

Docs site present with comprehensive README (>2000 bytes + examples)

via GitHub

Security Policy20%2.0

No SECURITY.md found

via GitHub

Changelog25%4.0

Releases exist but no CHANGELOG.md

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%3.5

Internal: 3.0 (80 services), External: 3.5 (2184 followers, 7596 stars)

via Fabric index

Org Maturity30%5.0

User account, 10.7 years old

via GitHub

Community Standing20%5.0

161 public repositories

via GitHub

Cross-Platform20%3.0

Present on 2 platform(s): github, npm

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

TypeScript framework for building AI agents and workflows with built-in tool calling, RAG, memory, and integrations for production-ready AI applications.

Service Health (30d)
91.67%
p50: 90ms · p99: 235ms
Avg Latency
94ms
averaged across 30d health checks
Weekly Downloads
224.7k-15%
npm weekly
Transparency & Compliance3/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseNo recognized open-source license
DocumentationREADME with examples/code blocks
SECURITY.mdNo security policy found
API DocumentationOpenAPI spec or docs directory found
Incidents & Alertslast 90 days
Mar 5Uptime dropped by 8.3%4.10
Mar 2Trust score increased by 1.114.50
Feb 21mastra added to Trust Index2.34
Showing 3 of 3 events
Score History85 snapshots
5.003.752.501.250.00
Feb 21Mar 5
Community & Ecosystemadoption signals
224.7k
Weekly Downloads
npm
10
Releases
on GitHub
Supply Chain & Dependenciestrust chain
@clack/prompts
npm · ^1.0.1
@expo/devcert
npm · ^1.2.1
@mastra/deployer
npm · ^1.9.0
@mastra/loggers
npm · ^1.0.2
commander
npm · ^14.0.3
dotenv
npm · ^17.2.3
Showing 6 of 19 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version Historyscore per release
VERSIONRELEASEDSCOREDELTA
@mastra/core@1.9.0Mar 4, 20264.48
@mastra/core@1.8.0Mar 2, 20264.48+1.12
@mastra/core@1.7.0Feb 25, 20263.36
@mastra/core@1.6.0Feb 24, 20263.36
@mastra/core@1.5.0Feb 20, 2026
@mastra/core@1.4.0Feb 16, 2026
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card