yv1ing/z3r0: Grade F (49/100)

/ 100

Python446MIT1d ago

Getting noticed, but rough fundamentals could turn visitors away.

AI-native red-team workbench for authorized penetration testing and vulnerability research, with specialist agents, sandboxed tooling, evidence records, and replayable timelines.

Documentation

1 checks need work

Contributing guide5pt

No CONTRIBUTING.md found (−47 pts base + up to −53 pts more for content).

→ Add a CONTRIBUTING.md telling newcomers how to get involved. Include setup, code style, test, and PR instructions.

README12pt

README is present.

Install and run instructions9pt

README documents how to install the project.

License6pt

100

Licensed under MIT.

Engineering

4 checks need work

Tests18pt

No tests detected anywhere in the repository.

→ Add automated tests. They prove the code works and give contributors confidence to make changes.

CI/CD14pt

No CI configuration detected in this repository.

→ If your CI lives elsewhere (a private repo that builds this one) or this project is itself a CI/CD tool, mark this check Not Applicable. Otherwise add a GitHub Actions workflow that runs tests on each push. It takes 15 minutes and reassures contributors their changes won't break things.

Linting and formatting5pt

No linter or formatter config found.

→ Add a linter config such as .eslintrc.json, .prettierrc, ruff.toml, or .golangci.yml to enforce consistent code style.

Issue and PR templates6pt

No issue or PR templates found (−100 pts).

→ Add .github/ISSUE_TEMPLATE/ with bug_report.md and feature_request.md to guide contributors. It dramatically improves issue quality.

Reproducibility6pt

Lockfile present (requirements.txt). Installs are reproducible.

Project health

100

0 checks need work

Dependency manifest6pt

100

Dependency manifest found (requirements.txt).

Repository metadata5pt

100

Repository has a description.

Activity5pt

100

Actively maintained (pushed within the last month).

Housekeeping3pt

100

.gitignore present.

Repository health signals

Activity, community, and responsiveness at scan time

Activity

—
Commits (30d / 90d)
81
Forks
3
Releaseslatest 14d ago

Community

—
Community health
—
authors own >50% of commits
446
Watchers

Responsiveness

6h
Median issue response
—
Median PR merge time
13
Open issues

Repository files29 root entries

.z3r0
assets
core
docs
handler
middleware
model
router
sandbox
schema
scripts
service
utils
web
.dockerignore
.gitignore
Good: .gitignore present.
app.py
CHANGELOG.md
config.py
database.py
docker-compose.dev.yml
docker-compose.prod.yml
Dockerfile
Good: Environment pinned via Dockerfile.
LICENSE
Good: Licensed under MIT.
logger.py
main.py
README_zh.md
Good: README is present.
Good: README is well structured with multiple sections.
Good: README includes screenshots or visuals. Great for first impressions.
Good: README has code examples.
Good: README links to a live demo or deployed app.
Issue: No status badges in the README (−10 pts).Fix: Add CI/build status badges from shields.io or your CI provider to signal project health.
Good: README documents how to install the project.
Good: README documents how to run the project.
README.md
requirements.txt
Good: Lockfile present (requirements.txt). Installs are reproducible.
Good: Dependency manifest found (requirements.txt).