mindsdb

Name: mindsdb
Rating: 0.99 (1 reviews)
Author: mindsdb

#5777 · by mindsdb

agent tool-use multi-step

0.99/ 5.00

blockedBeta

Score capped to 0.99 (raw score: 2.98) — critical/high CVE detected with no known fix. Status blocked until the vulnerability is patched.

Jun 12, 2026 at 11:03 AM6 signals analysedNo manual reviews · fully automated

Trust Signal Breakdown

high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

2 of 3 sub-signals with data

Known CVEs57%0.0

23 CVE(s) found — 4 unpatched

via OSV.dev

Dependency Healthno data—

Weight redistributed to sub-signals with data

Supply Chain43%4.8

583 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 2 checks

via Health checks

Response Latency25%5.0

p99: 23ms, p50: 23ms

via Health checks

Error Rate20%1.0

50.00% error rate (1/2)

via Health checks

Incident History20%4.0

1 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%5.0

via GitHub

Issue Response20%1.0

via GitHub

CI/CD Presence25%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

2 of 4 sub-signals with data

Download Volume55%3.0

5,129 weekly downloads

via npm / PyPI

GitHub Stars45%5.0

38,614 stars

via GitHub

Dependent Packagesno data—

Weight redistributed to sub-signals with data

Growth Trendno data—

Weight redistributed to sub-signals with data

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%3.0

Public repo with non-OSI license (noassertion)

via GitHub

Documentation25%5.0

Docs site present with comprehensive README (>2000 bytes + examples)

via GitHub

Security Policy20%5.0

SECURITY.md present

via GitHub

Changelog25%2.0

No CHANGELOG.md and no releases found

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%4.0

Internal: 1.0 (0 services), External: 4.0 (1346 followers, 39808 stars)

via Fabric index

Org Maturity30%5.0

Organization, 8.5 years old

via GitHub

Community Standing20%4.0

50 public repositories

via GitHub

Cross-Platform20%3.0

Present on 2 platform(s): github, pypi

via Registry scan

About this score

Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)

Trust AssessmentAI Assessment

MindsDB is a federated query engine for AI published by mindsdb under a NOASSERTION license, positioning itself as a comprehensive MCP server solution. The service is blocked due to 22 known CVEs including critical unpatched vulnerabilities, making it not recommended for production use despite reasonable operational uptime. The lack of a standard open-source license combined with severe unaddressed security issues represents a significant deployment risk.

Generated by Fabric AI · Mar 4, 2026 at 4:53 AM

Package Availability (30d)

100.00%

p50: 23ms · p99: 23ms

Avg Latency

18ms

averaged across 30d health checks

Weekly Downloads

—

no package registry data

Incidents & Alertslast 90 days

Mar 2Critical unpatched CVE — no fix available0.99

Mar 2Trust score decreased by 1.860.99

Feb 23mindsdb added to Trust Index2.52

Showing 3 of 3 events

Score History55 snapshots

5.003.752.501.250.00

Feb 23Jun 6

Supply Chain & Dependenciestrust chain

◈

a2wsgi

pypi · ~=1.10.10

◈

aerospike

pypi · ~=13.0.0; extra == "all-handlers-extras"

◈

aiohttp

pypi · >=3.13.3; extra == "all-handlers-extras" · 31 CVEs9L5H17M

◈

aipdf

pypi · ==0.0.7.0

◈

alembic

pypi · >=1.3.3

◈

anthropic

pypi · ==0.18.1; extra == "all-handlers-extras"

Showing 6 of 240 dependencies

Data Sources6 indexed

◎

OSV.devCVE database · vulnerability scanning for npm & PyPI packages

◈

GitHub APICommits, issues, releases, repo metadata, transparency checks

⬡

npm RegistryPackage metadata, weekly downloads, maintainers, dependencies

⬡

PyPIPackage metadata, weekly downloads, dependency tree

△

HTTP Health Checks15-min pings · uptime, latency, status monitoring

◎

PyPI StatsDownload statistics and trends

Version Historyscore per release

VERSIONRELEASEDSCOREDELTA

v26.0.0Feb 25, 20262.52—

v26.0.0rc3Feb 20, 2026——

v26.0.0rc2Feb 19, 2026——

v26.0.0rc1Feb 17, 2026——

v25.14.1Jan 21, 2026——

v25.14.0Jan 19, 2026——

Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card