Trust Signal Breakdown high 23 sub-signals across 6 dimensions
Vulnerability & Safety ×0.25 5.0 CVEs, dependency health, and supply chain integrity
3 of 3 sub-signals with data
Known CVEs 40% 5.0
No known CVEs
via OSV.dev
Dependency Health 30% 5.0
3 dependencies (minimal)
via npm / PyPI
Supply Chain 30% 5.0
1 transitive CVEs found (penalty: -0.03)
via npm provenance
Operational Reliability ×0.15 3.5 Uptime, latency, error rates, and incident history
4 of 4 sub-signals with data
Uptime 35% 4.5
99.84% over 631 checks
via Health checks
Response Latency 25% 2.0
p99: 2025ms, p50: 749ms
via Health checks
Error Rate 20% 4.0
0.16% error rate (1/631)
via Health checks
Incident History 20% 3.0
2 incidents in last 90 days
via Incidents table
Maintenance Activity ×0.15 4.0 Commit recency, release cadence, issue response, CI/CD
4 of 4 sub-signals with data
Commit Recency 30% 5.0
via GitHub
Release Cadence 25% 4.0
via GitHub
Issue Response 20% 1.0
via GitHub
CI/CD Presence 25% 5.0
via GitHub Actions
Adoption ×0.15 3.6 Downloads, stars, dependents, and growth trajectory
3 of 4 sub-signals with data
Download Volume 43% 3.5
18,741 weekly downloads
via npm / PyPI
GitHub Stars 36% 3.0
2,902 stars
via GitHub
Dependent Packages no data —
Weight redistributed to sub-signals with data
Growth Trend 21% 5.0
+23.2% week-over-week
via npm
Transparency ×0.15 4.4 License, documentation, security policy, changelog
4 of 4 sub-signals with data
Open Source 30% 5.0
Public repo with OSI-approved license (mit)
via GitHub
Documentation 25% 5.0
Docs site present with comprehensive README (>2000 bytes + examples)
via GitHub
Security Policy 20% 2.0
No SECURITY.md found
via GitHub
Changelog 25% 5.0
CHANGELOG.md present and releases exist
via GitHub
Publisher Trust ×0.15 4.5 Track record, org maturity, community standing
4 of 4 sub-signals with data
Track Record 30% 4.5
Internal: 4.0 (22 services), External: 4.5 (4987 followers, 55749 stars)
via Fabric index
Org Maturity 30% 5.0
User account, 13.3 years old
via GitHub
Community Standing 20% 5.0
164 public repositories
via GitHub
Cross-Platform 20% 3.0
Present on 2 platform(s): github, npm
via Registry scan
Scored across 23 sub-signals in 6 dimensions Scoring engine v1 (beta) — actively being expanded Phase 1: Core sub-signal architecture (live) Phase 2: Permission scope & expanded collection (in progress)
Trust Assessment AI Assessment
@ruvector/ruvllm is an MIT/Apache-2.0 licensed LLM orchestration library by ruvnet featuring SONA adaptive learning, HNSW memory, and SIMD inference capabilities. The package shows strong operational reliability (100% uptime) and zero known vulnerabilities, with minimal dependencies (3 total) and steady adoption at 14.2K weekly downloads. With a single maintainer and relatively new presence, production use should include monitoring for continued maintenance activity and community support growth.
Generated by Fabric AI · Mar 4, 2026 at 4:11 AM
Service Health (30d)
99.84%
p50: 749ms · p99: 2025ms
Avg Latency
855ms
averaged across 30d health checks
Weekly Downloads
—
no package registry data
Incidents & Alerts last 90 days
Score History 90 snapshots
Feb 22 Mar 5
Supply Chain & Dependencies trust chain
Showing 3 of 3 dependencies
Data Sources 6 indexed
◎
OSV.dev CVE database · vulnerability scanning for npm & PyPI packages
◈
GitHub API Commits, issues, releases, repo metadata, transparency checks
⬡
npm Registry Package metadata, weekly downloads, maintainers, dependencies
⬡
PyPI Package metadata, weekly downloads, dependency tree
△
HTTP Health Checks 15-min pings · uptime, latency, status monitoring
◎
PyPI Stats Download statistics and trends
Version History score per release
VERSION RELEASED SCORE DELTA
Showing 6 of 10 releases Show more →
Are you the publisher? Claim this profile to unlock deeper evaluation, real-time monitoring,
Claim Provider Report Issue
Share this Trust Score Generate a scorecard image optimised for X, LinkedIn and other social platforms.
⬇ Download Score Card
