xcomponent-ai logo

xcomponent-ai

#245 · by xcomponent
agenttool-usemulti-step
3.64/ 5.00
trustedBeta
Mar 5, 2026 at 12:55 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

12 dependencies (minimal)

via npm / PyPI

Supply Chain30%4.8

11 transitive CVEs found (penalty: -0.23)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 19 checks

via Health checks

Response Latency25%4.0

p99: 214ms, p50: 162ms

via Health checks

Error Rate20%5.0

0.00% error rate (0/19)

via Health checks

Incident History20%2.0

5 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

3 of 4 sub-signals with data

Commit Recency37%3.0

via GitHub

Release Cadence31%3.0

via GitHub

Issue Responseno data

Weight redistributed to sub-signals with data

CI/CD Presence31%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

3 of 4 sub-signals with data

Download Volume43%1.0

19 weekly downloads

via npm / PyPI

GitHub Stars36%0.0

0 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trend21%5.0

+72.7% week-over-week

via npm

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%3.0

Public repo with non-OSI license (noassertion)

via GitHub

Documentation25%5.0

Docs site present with comprehensive README (>2000 bytes + examples)

via GitHub

Security Policy20%2.0

No SECURITY.md found

via GitHub

Changelog25%5.0

CHANGELOG.md present and releases exist

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%1.0

Internal: 1.0 (0 services), External: 1.0 (3 followers, 0 stars)

via Fabric index

Org Maturity30%5.0

User account, 10.7 years old

via GitHub

Community Standing20%3.0

16 public repositories

via GitHub

Cross-Platform20%3.0

Present on 2 platform(s): github, npm

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

LLM-first framework for AI agents (Claude, GPT) to build apps with sanctuarized business logic. Event-driven FSM runtime with multi-instance state machines, cross-component communication, event sourcing, and production-ready persistence (PostgreSQL, Mongo

Package Availability (30d)
100.00%
p50: 162ms · p99: 214ms
Avg Latency
133ms
averaged across 30d health checks
Weekly Downloads
19+73%
npm weekly
Transparency & Compliance3/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseNo recognized open-source license
DocumentationREADME with examples/code blocks
SECURITY.mdNo security policy found
API DocumentationOpenAPI spec or docs directory found
Incidents & Alertslast 90 days
Mar 4Trust score increased by 0.693.68
Mar 4Trust score decreased by 0.722.99
Mar 4Trust score decreased by 0.722.99
Feb 27Trust score increased by 0.773.69
Feb 21xcomponent-ai added to Trust Index1.95
Showing 5 of 5 events
Score History26 snapshots
5.003.752.501.250.00
Feb 21Mar 5
Community & Ecosystemadoption signals
19
Weekly Downloads
npm
10
Releases
on GitHub
Supply Chain & Dependenciestrust chain
@langchain/core
npm · ^0.3.21 · 1 CVE1H
@langchain/openai
npm · ^0.3.14
@types/swagger-ui-express
npm · ^4.1.8
commander
npm · ^12.1.0
express
npm · ^4.21.2 · 5 CVEs2L3M
socket.io
npm · ^4.8.1 · 3 CVEs1H2M
Showing 6 of 12 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version History
VERSIONRELEASED
v0.6.0Jan 29, 2026
v0.5.0Jan 29, 2026
v0.4.3Jan 25, 2026
v0.4.2Jan 25, 2026
v0.4.0Jan 25, 2026
v0.3.2Jan 25, 2026
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card