Mar 20, 2026 at 6:16 AM6 signals analysedNo manual reviews · fully automated Trust Signal Breakdownhigh23 sub-signals across 6 dimensions
CVEs, dependency health, and supply chain integrity
2 of 3 sub-signals with data
Known CVEs57%4.7
1 CVE(s) found — 0 unpatched
via OSV.dev
Dependency Healthno data—
Weight redistributed to sub-signals with data
Supply Chain43%4.8
83 transitive CVEs found (penalty: -0.25)
via npm provenance
Uptime, latency, error rates, and incident history
4 of 4 sub-signals with data
Uptime35%5.0
99.90% over 1000 checks
via Health checks
Response Latency25%4.0
p99: 223ms, p50: 32ms
via Health checks
Error Rate20%4.0
0.10% error rate (1/1000)
via Health checks
Incident History20%3.0
3 incidents in last 90 days
via Incidents table
Commit recency, release cadence, issue response, CI/CD
3 of 4 sub-signals with data
Commit Recency37%5.0
via GitHub
Release Cadence31%4.0
via GitHub
Issue Responseno data—
Weight redistributed to sub-signals with data
CI/CD Presence31%5.0
via GitHub Actions
Downloads, stars, dependents, and growth trajectory
3 of 4 sub-signals with data
Download Volume43%4.5
3,930,791 weekly downloads
via npm / PyPI
GitHub Stars36%5.0
29,692 stars
via GitHub
Dependent Packagesno data—
Weight redistributed to sub-signals with data
Growth Trend21%5.0
+801.6% week-over-week
via npm
License, documentation, security policy, changelog
4 of 4 sub-signals with data
Open Source30%5.0
Public repo with OSI-approved license (apache-2.0)
via GitHub
Documentation25%5.0
Docs site present with comprehensive README (>2000 bytes + examples)
via GitHub
Security Policy20%2.0
No SECURITY.md found
via GitHub
Changelog25%4.0
Releases exist but no CHANGELOG.md
via GitHub
Track record, org maturity, community standing
4 of 4 sub-signals with data
Track Record30%3.5
Internal: 2.0 (1 services), External: 3.5 (1574 followers, 6479 stars)
via Fabric index
Org Maturity30%5.0
Organization, 5.4 years old
via GitHub
Community Standing20%5.0
129 public repositories
via GitHub
Cross-Platform20%5.0
Present on 3 platform(s): github, npm, pypi
via Registry scan
About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment
High-performance open-source vector database with advanced filtering and hybrid search capabilities
Service Health (30d)
99.90%
p50: 32ms · p99: 223ms
Avg Latency
59ms
averaged across 30d health checks
Weekly Downloads
3.9M+802%
npm + PyPI weekly
Transparency & Compliance4/5 passed
Incidents & Alertslast 90 days
Score History90 snapshots
Feb 23Mar 5
Community & Ecosystemadoption signals
3.9M
Weekly Downloads
npm + PyPI
Supply Chain & Dependenciestrust chain
Showing 6 of 11 dependencies Data Sources6 indexed
◎
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
◈
GitHub APICommits, issues, releases, repo metadata, transparency checks
⬡
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
⬡
PyPIPackage metadata, weekly downloads, dependency tree
△
HTTP Health Checks15-min pings · uptime, latency, status monitoring
◎
PyPI StatsDownload statistics and trends
Version History
VERSIONRELEASED
Showing 6 of 10 releases Are you the publisher?
Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.
Share this Trust Score
Generate a scorecard image optimised for X, LinkedIn and other social platforms.
⬇ Download Score Card
