Auditable repository-health scorecard with evidence for every point — a Claude Code agent + deterministic CLI, aligned with OpenSSF & GitHub standards. CI-ready.
Updated Jun 29, 2026 - Python
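Find, install, and modify agent skills (Claude Code / Codex) using natural language in Chinese or English | Cross-agent skill discovery in CN/EN. Three-dimensional R/U/T scoring + OpenSSF Scorecard + OSV vulnerability database security audit + agent-as-LLM architecture + three-slot version snapshots.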
A Git-native secret detection CLI with pre-commit enforcement, CI scanning, and policy-as-code validation for DevSecOps pipelines.
The open code health benchmark — paste any github.com URL, or just replace github.com with stackhealth.dev. Scores security, quality, hygiene & community via a fully open formula. Free forever.
FastMCP server that provides comprehensive security analysis for software packages across multiple ecosystems. It integrates seamlessly with Claude Desktop to provide AI-powered security evaluation capabilities.
Reusable GitHub Actions workflow that scans your repo (or any external repo) with Semgrep, Gitleaks, OSV, Checkov, Trivy and SBOM, then emails a graded security report enriched with CISA KEV, FIRST EPSS and OpenSSF Scorecard.
Public model cards (Voltcrown v7.9 + lineage) and a dependency-light forecasting toolkit for the ENTSO-E load-forecast challenge — with OpenSSF Scorecard hardening.