cyber-threat-hunting-playground/convertsigmarepo2sentinelonepq: Grade F (43/100)

cyber-threat-hunting-playground/convertsigmarepo2sentinelonepq

/ 100

Documentation74

Engineering13

Health68

Python13LGPL-2.11d ago

Grade a repo

Some interest. A stronger README and CI would help.

Scripts played by GitHub Actions that converts Sigma rules to SentinelOne PowerQuery via PySigma.

Documentation

1 checks need work

Contributing guide5pt

No CONTRIBUTING.md found (−47 pts base + up to −53 pts more for content).

→ Add a CONTRIBUTING.md telling newcomers how to get involved. Include setup, code style, test, and PR instructions.

README12pt

README is present.

Install and run instructions9pt

README documents how to install the project.

License6pt

100

Licensed under LGPL-2.1.

Engineering

5 checks need work

Tests18pt

No tests detected anywhere in the repository.

→ Add automated tests. They prove the code works and give contributors confidence to make changes.

Linting and formatting5pt

No linter or formatter config found.

→ Add a linter config such as .eslintrc.json, .prettierrc, ruff.toml, or .golangci.yml to enforce consistent code style.

Issue and PR templates6pt

No issue or PR templates found (−100 pts).

→ Add .github/ISSUE_TEMPLATE/ with bug_report.md and feature_request.md to guide contributors. It dramatically improves issue quality.

Reproducibility6pt

No dependency lockfile found (−70 pts).

→ Commit poetry.lock, uv.lock, pdm.lock, Pipfile.lock, conda-lock.yml, or another lockfile for your Python dependency manager.

CI/CD14pt

CI is configured (.github/workflows/hijacklibs-to-s1pq-converter-windows-file_writes-markdown.yml).

Project health

1 checks need work

Dependency manifest6pt

No dependency manifest detected at root.

→ Add a manifest (package.json, pyproject.toml, Cargo.toml, go.mod, etc.) so others can install dependencies in one command.

Repository metadata5pt

100

Repository has a description.

Activity5pt

100

Actively maintained (pushed within the last month).

Housekeeping3pt

100

.gitignore present.

Repository health signals

Activity, community, and responsiveness at scan time

Activity

—
Commits (30d / 90d)
3
Forks
0
Releases

Community

—
Community health
—
authors own >50% of commits
13
Watchers

Responsiveness

—
Median issue response
<1h
Median PR merge time
0
Open issues

Repository files26 root entries

.github
Good: CI is configured (.github/workflows/hijacklibs-to-s1pq-converter-windows-file_writes-markdown.yml).
Good: Dependabot configured for pip.
datasources
images
results
S1PQ-HijackLibs-windows-image_load
S1PQ-rules-linux-network_connection
S1PQ-rules-linux-process_creation
S1PQ-rules-macos-file_event
S1PQ-rules-macos-process_creation
S1PQ-rules-threat-hunting-windows-process_creation
S1PQ-rules-windows-dns_query
S1PQ-rules-windows-image_load
S1PQ-rules-windows-process_creation
SentinelOne_PQ - LOLRMM
transformers
.gitignore
Good: .gitignore present.
Example Workflow.md
LICENSE
Good: Licensed under LGPL-2.1.
LOLRMM
lolrmm-to-s1pq-converter-create_markdown.py
README.md
Good: README is present.
Good: README is well structured with multiple sections.
Good: README includes screenshots or visuals. Great for first impressions.
Good: README has code examples.
Issue: No live demo link in the README (−20 pts).Fix: Link to a deployed version, docs site, or demo video. Users want to see it running.
Good: README includes status badges.
Good: README documents how to install the project.
Good: README documents how to run the project.
sigma
sigma-to-s1pq-converter-linux-network_connection-markdown.py
sigma-to-s1pq-converter-win-dns_query-markdown.py
sigma-to-s1pq-converter-win-process_creation-markdown.py
sigma-to-s1pq-converter.py