santhsecurity/keyhog: Grade A (99/100)

/ 100

GradeA

Well engineered for its size. A portfolio piece worth showing off.

Open-source secret scanner in Rust. Service-specific detectors, SIMD on the CPU and an optional GPU path, live verification of which leaked keys are still active, and SARIF output.

Documentation97

Engineering100

Health100

Rust81Othertoday

Outstanding. A score of 99/100 puts this repo in a very small tier of truly well-engineered projects.

Documentation

0 checks need work

Install and run instructions9pt

README documents how to install the project.

Contributing guide5pt

Contributing guide is detailed and thorough.

README12pt

100

README is present.

License6pt

100

Licensed under Other.

Engineering

100

0 checks need work

Tests18pt

100

Test files detected (benchmarks/bench/tests).

CI/CD14pt

100

CI is configured (.github/workflows/ci.yml).

Linting and formatting5pt

100

Rust linting configured (cargo clippy in CI, cargo fmt in CI).

Reproducibility6pt

100

Lockfile present (Cargo.lock). Installs are reproducible.

Issue and PR templates6pt

100

Issue or PR templates present.

Project health

100

0 checks need work

Dependency manifest6pt

100

Dependency manifest found (Cargo.toml).

Repository metadata5pt

100

Repository has a description.

Activity5pt

100

Actively maintained (pushed within the last month).

Housekeeping3pt

100

.gitignore present.

Repository health signals

Activity, community, and responsiveness at scan time

Activity

-
Commits (30d / 90d)
13
Forks
33
Releaseslatest 1mo ago

Community

-
Community health
-
authors own >50% of commits
81
Watchers

Responsiveness

9h
Median issue response
20h
Median PR merge time
0
Open issues

Repository files40 root entries

.github
Good: CI is configured (.github/workflows/ci.yml).
Good: Dependabot covers 3 ecosystems (cargo, github-actions, docker). Dependencies stay current.
Good: Issue or PR templates present.
benchmarks
Good: Test files detected (benchmarks/bench/tests).
crates
demo
detectors
docs
fuzz
metrics
ml
rules
scripts
site
tests
tools
.gitattributes
.gitignore
Good: .gitignore present.
.keyhog.toml.example
.keyhogignore
.pre-commit-config.yaml
.pre-commit-hooks.yaml
AGENTS.md
audit.toml
AUTHORS
Cargo.lock
Good: Lockfile present (Cargo.lock). Installs are reproducible.
Cargo.toml
Good: Dependency manifest found (Cargo.toml).
CHANGELOG.md
CLAUDE.md
CODE_OF_CONDUCT.md
Good: Code of conduct present.
CONTRIBUTING.md
Good: Contributing guide is detailed and thorough.
Good: Contributing guide includes setup/install instructions.
Good: Contributing guide describes code style expectations.
Good: Contributing guide explains how to run tests.
Issue: Contributing guide lacks a PR workflow section (−8 pts).Fix: Explain how to fork, branch, and open a pull request so contributors know what to expect.
Good: Contributing guide includes code examples.
deny.toml
Dockerfile
Good: Environment pinned via Dockerfile.
install.ps1
install.sh
LICENSE
Good: Licensed under Other.
LICENSE-APACHE
LICENSE-MIT
NOTICE
PUBLISHING.md
README.md
Good: README is present.
Good: README is well structured with multiple sections.
Good: README includes screenshots or visuals. Great for first impressions.
Good: README has code examples.
Good: README links to a live demo or deployed app.
Good: README includes status badges.
Good: README documents how to install the project.
Good: README documents how to run the project.
SECURITY.md
Good: Security policy present.