Fabric Documentation
The Fabric Trust Index is an open-source, public directory of trust scores for AI tools, models, MCP servers, and API services. Over 5,800 indexed services each receive a composite score from 0.00 to 5.00, computed from 23 independently scored sub-signals grouped into six weighted dimensions — all generated automatically from public data sources. The scoring engine is in active beta and is open source under AGPL-3.0.
Trust Score
The Fabric Trust Score is the core of the Trust Index. It determines whether a service is trusted, flagged for caution, or blocked outright.
Every AI service indexed by Fabric receives a composite score from 0.00 to 5.00, computed from 23 independently scored sub-signals grouped into six weighted dimensions. Each sub-signal is scored 0–5 individually, then weighted and combined within its dimension to produce a dimension score. The six dimension scores are multiplied by their respective weights and summed to produce the final composite score.
All scoring data is generated automatically from public sources. No manual reviews. No paid placements. No provider involvement required. A provider doesn't need to opt in — or even know they're being scored — for Fabric to evaluate them.
Why 23 sub-signals? Any single metric can be gamed. Download counts can be inflated. GitHub stars can be bought. Even vulnerability databases have blind spots. The original engine used six flat signals — it worked, but was a black box. The sub-signal architecture breaks each dimension into independently verifiable components, making the scoring rationale transparent and gaming the system exponentially harder. An attacker would need to simultaneously spoof all 23 sub-signals across all six dimensions.
The six dimensions
Each dimension groups related sub-signals that measure a specific aspect of trust. Dimensions are weighted by risk — security carries more weight than popularity.
1. Vulnerability & Safety ×0.25
The highest-weighted dimension. Measures known security vulnerabilities across the package and its entire dependency tree using the OSV.dev CVE database.
Fabric scans for open CVEs at every severity level — critical, high, medium, and low. Unpatched critical vulnerabilities carry the heaviest penalty and can single-handedly drop a service into Blocked status. Even patched vulnerabilities incur smaller deductions, because they indicate the dependency was once vulnerable. Deductions scale with the square root of the CVE count, so packages with a long tail of patched historical issues aren't over-penalised.
Supply chain depth matters. Fabric traces the full dependency tree from npm and PyPI. A package with zero direct vulnerabilities can still score poorly if its dependencies are compromised. Transitive vulnerabilities are weighted lower than direct ones, but they still count.
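As an illustration, the deduction logic described above can be sketched in a few lines of Python. The per-CVE values for unpatched critical and high severities come from the Known CVEs sub-signal table later in this section; everything else here (the function name, the placeholder deduction for other tiers) is an assumption, not the engine's actual code.

```python
import math
from collections import Counter

# Per-CVE deductions keyed by (severity, unpatched). The critical/high
# unpatched values come from the Known CVEs sub-signal table; the 0.1
# fallback for all other tiers is an assumed placeholder.
DEDUCTION = {
    ("critical", True): 2.0,  # unpatched critical
    ("high", True): 0.5,      # unpatched high
}

def known_cves_score(cves):
    """cves: list of (severity, unpatched) tuples. A sketch, not the engine."""
    score = 5.0
    for tier, count in Counter(cves).items():
        per_cve = DEDUCTION.get(tier, 0.1)
        score -= per_cve * math.sqrt(count)  # square-root scaling from the text
    # All-patched floor of 2.5 from the sub-signal table
    if cves and not any(unpatched for _, unpatched in cves):
        score = max(score, 2.5)
    return max(score, 0.0)
```

Under these numbers a single unpatched critical lands at 3.00 and four land at 1.00 rather than −3.00, which is the point of the square-root scaling.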
2. Operational Reliability ×0.15
The only dimension generated by Fabric's own infrastructure. We actively ping service endpoints for uptime, latency, error rates, and incident history — no provider can fake this one.
Services with a real, publicly reachable endpoint can achieve the highest scores. Services that only have a registry listing (e.g. an npm page with no live API) are capped below the maximum. Uptime is the primary driver, measured over a rolling 30-day window. Latency is evaluated at the p99 level — we care about worst-case, not average.
Services with no endpoint to monitor (CLI tools, local packages) are marked as having no operational data rather than scored zero, which prevents them from being unfairly penalised.
3. Maintenance Activity ×0.15
Is anyone home? Abandoned software is a security risk regardless of how clean the code is today. This dimension captures the human factor behind a project.
Fabric evaluates commit recency, release cadence, issue responsiveness, and CI/CD presence. Recent activity and consistent releases score well. Long periods of inactivity drop the score significantly.
Stable, mature projects with low commit frequency aren't penalised as heavily — release cadence and issue responsiveness carry more weight than raw commit volume. CI/CD presence (GitHub Actions workflows) is a strong signal of professional maintenance practices.
4. Adoption ×0.15
Not a security signal per se, but a strong proxy for how many eyes are on the project. High adoption means more users finding and reporting issues, more pressure to maintain quality, and a larger blast radius if something goes wrong — which motivates faster fixes.
Download volume is scored on logarithmic tiers — this means the difference between 1,000 and 10,000 downloads matters more than the difference between 10 million and 100 million. GitHub stars, download growth velocity, and category normalisation all factor in. Niche tools aren't penalised for being specialised — they're compared against peers in their category.
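As a sketch, tiered scoring like this reduces to a descending threshold lookup. The thresholds below are taken from the Download volume sub-signal table later in this section; the function name is illustrative.

```python
def download_volume_score(weekly_downloads: int) -> float:
    """Tier thresholds from the Download volume sub-signal table."""
    tiers = [
        (10_000_000, 5.0),
        (1_000_000, 4.5),
        (100_000, 4.0),
        (10_000, 3.5),
        (1_000, 3.0),
        (100, 2.0),
    ]
    for threshold, score in tiers:
        if weekly_downloads >= threshold:
            return score
    return 1.0  # fewer than 100 weekly downloads
```

Each tier boundary is a tenfold jump, so growth at the low end moves the score while growth beyond 10 million changes nothing.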
Adoption is gameable. This is the one dimension attackers can most easily inflate — which is why it's weighted the same as operational and maintenance, not higher. The other five dimensions act as independent checks.
5. Transparency ×0.15
Can you see what it does before you run it? Open source projects with clear documentation, proper licensing, and published schemas are inherently more trustworthy than black boxes.
Fabric evaluates source code availability, licence type (OSI-approved permissive licences score highest), documentation quality and size, security disclosure practices (SECURITY.md), and changelog presence. AI model categories have additional requirements such as published model cards.
6. Publisher Trust ×0.15
Who built this? A first-time anonymous account publishing a critical infrastructure tool is a very different risk profile than a verified organisation with many other maintained packages.
Fabric evaluates the publisher's organisation maturity (account age, organisation vs. individual), external credibility (followers, total stars across all repos), community standing (number of public repos), cross-platform identity consistency (presence on GitHub, npm, PyPI), and track record across sibling services in the index. Established publishers with long track records and verified organisational presence score highest.
The 23 sub-signals
Each dimension is composed of independently scored sub-signals. Every sub-signal has its own weight within its dimension. On any service's profile page, you can expand each dimension to see exactly which sub-signals contributed to the score.
Weight redistribution. When a sub-signal has no data (e.g. no PyPI downloads for an npm-only package), its weight is proportionally redistributed to the sub-signals within that dimension that do have data. A service scored on 3 of 4 sub-signals isn't penalised for the missing one; it's scored accurately on what can be verified. No defaults, no faking coverage.
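A minimal sketch of the redistribution, assuming a simple name → (weight, score) mapping; the data shapes and names are illustrative, not the engine's API.

```python
def dimension_score(subsignals: dict) -> float:
    """subsignals maps name -> (weight, score); score is None when there is
    no data. Weights of missing sub-signals are redistributed proportionally."""
    scored = {name: ws for name, ws in subsignals.items() if ws[1] is not None}
    total_weight = sum(weight for weight, _ in scored.values())
    if total_weight == 0:
        return 0.0  # assumed handling when nothing can be verified
    # Dividing by total_weight renormalises the remaining weights to 1.0,
    # which spreads the missing weight proportionally across them.
    return sum(weight * score for weight, score in scored.values()) / total_weight
```

For example, with the Adoption dimension's Dependent packages sub-signal (weight 0.30) unavailable, the remaining weights 0.30, 0.25, and 0.15 are renormalised over 0.70, so the three available scores fully determine the dimension.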
Vulnerability & Safety ×0.25
| Sub-signal | Weight | What it measures |
|---|---|---|
| Known CVEs | 0.40 | Starts at 5.0 with deductions per CVE based on severity and patch status. Critical unpatched: −2.0, high unpatched: −0.5, etc. Deductions scale by √count. All-patched floor: 2.5 |
| Dependency health | 0.30 | Total dependency count. <20: 5.0 (minimal), 20–49: 4.0 (low), 50–99: 3.0 (moderate), 100–300: 2.0, >300: 1.0 |
| Supply chain basics | 0.30 | Transitive CVE penalties from the full dependency tree. Critical unpatched transitive: −0.5 per CVE. Max penalty capped at −0.25 |
Operational Reliability ×0.15
| Sub-signal | Weight | What it measures |
|---|---|---|
| Uptime | 0.35 | 30-day rolling uptime %. ≥99.9%: 5.0, ≥99.5%: 4.5, ≥99.0%: 4.0, ≥95%: 3.0, ≥90%: 2.0, <90%: 1.0 |
| Response latency | 0.25 | p99 latency over 30 days. <200ms: 5.0, 200–500ms: 4.0, 500ms–1s: 3.0, 1–3s: 2.0, >3s: 1.0 |
| Error rate | 0.20 | % of non-2xx responses in 30 days. 0%: 5.0, <1%: 4.0, 1–5%: 3.0, 5–10%: 2.0, >10%: 1.0 |
| Incident history | 0.20 | Count of incidents in last 90 days. 0: 5.0, 1: 4.0, 2–3: 3.0, 4–5: 2.0, >5: 1.0 |
Maintenance Activity ×0.15
| Sub-signal | Weight | What it measures |
|---|---|---|
| Commit recency | 0.30 | Days since last push to GitHub. <7d: 5.0, 7–30d: 4.0, 30–90d: 3.0, 90–180d: 2.0, 180–365d: 1.0, >1y: 0.0 |
| Release cadence | 0.25 | Days since last GitHub release. Same tier scoring as commit recency |
| Issue responsiveness | 0.20 | Median time to close issues. <24h: 5.0, 24–72h: 4.0, 72h–1w: 3.0, 1w–1mo: 2.0, >1mo: 1.0 |
| CI/CD presence | 0.25 | Whether .github/workflows/ directory exists. Yes: 5.0, No: 2.0 |
Adoption ×0.15
| Sub-signal | Weight | What it measures |
|---|---|---|
| Download volume | 0.30 | Weekly downloads (npm + PyPI combined). Log scale: ≥10M: 5.0, ≥1M: 4.5, ≥100k: 4.0, ≥10k: 3.5, ≥1k: 3.0, ≥100: 2.0, <100: 1.0 |
| GitHub stars | 0.25 | >10k: 5.0, ≥5k: 4.0, ≥1k: 3.0, ≥100: 2.0, ≥10: 1.0, <10: 0.0 |
| Dependent packages | 0.30 | Number of packages that depend on this service. Phase 2 — not yet available; weight is redistributed |
| Growth trend | 0.15 | Week-over-week download growth rate. >+20%: 5.0, +5–20%: 4.0, −5 to +5%: 3.0, −20 to −5%: 2.0, <−20%: 1.0 |
Transparency ×0.15
| Sub-signal | Weight | What it measures |
|---|---|---|
| Open source | 0.30 | Licence tier. Permissive OSI (MIT, Apache, BSD): 5.0, Copyleft (GPL): 4.0, Source-available (BSL, SSPL): 3.0, No licence: 2.0, Closed: 0–1.0 |
| Documentation | 0.25 | README size + docs presence. Docs site + README >2kb + examples: 5.0, README >5kb: 4.0, README >500b: 3.0, <100b: 1.0. +0.5 bonus for model card (AI categories) |
| Security policy | 0.20 | Whether SECURITY.md exists. Yes: 5.0, No: 2.0 |
| Changelog | 0.25 | CHANGELOG.md + releases: 5.0, Releases only: 4.0, Changelog only: 3.0, Neither: 2.0 |
Publisher Trust ×0.15
| Sub-signal | Weight | What it measures |
|---|---|---|
| Track record | 0.30 | Uses max(internal, external) score. Internal: sibling services in Fabric index. External: GitHub followers + total org stars. Verified publishers floor at 4.0 |
| Org maturity | 0.30 | GitHub account age. ≥5y: 5.0, ≥2y: 4.0, ≥1y: 3.0, ≥6mo: 2.0, <6mo: 1.0. +0.5 bonus for Organisation accounts |
| Community standing | 0.20 | Public repos count. >100: 5.0, ≥50: 4.0, ≥10: 3.0, ≥3: 2.0, <3: 1.0 |
| Cross-platform presence | 0.20 | Number of platforms (GitHub, npm, PyPI). ≥3: 5.0, 2: 3.0, 1: 1.0 |
How scoring works
The final score is a weighted sum of all six dimensions. Within each dimension, sub-signals are independently scored on a 0–5 scale, combined by their sub-signal weights, and the resulting dimension score is multiplied by the dimension weight. The dimension weights sum to 1.00, producing a final composite score between 0.00 and 5.00.
| Dimension | Weight | Sub-signals | Primary source |
|---|---|---|---|
| Vulnerability & Safety | 25% | 3 | OSV.dev CVE database |
| Operational Reliability | 15% | 4 | Fabric Monitor (HTTP pings) |
| Maintenance Activity | 15% | 4 | GitHub API |
| Adoption | 15% | 4 | npm / PyPI download stats |
| Transparency | 15% | 4 | GitHub repo analysis |
| Publisher Trust | 15% | 4 | GitHub + npm identity |
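Given six dimension scores, the composite is a plain weighted sum. A sketch using the weights from the table above; the dimension names and input scores are illustrative.

```python
# Dimension weights from the table above; they sum to 1.00.
DIMENSION_WEIGHTS = {
    "vulnerability": 0.25,
    "operational": 0.15,
    "maintenance": 0.15,
    "adoption": 0.15,
    "transparency": 0.15,
    "publisher": 0.15,
}

def composite_score(dimension_scores: dict) -> float:
    """Weighted sum of six 0-5 dimension scores -> 0.00-5.00 composite."""
    total = sum(DIMENSION_WEIGHTS[name] * score
                for name, score in dimension_scores.items())
    return round(total, 2)
```

Because the weights sum to 1.00 and each dimension score is bounded by 0–5, the composite is bounded by 0.00–5.00.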
When a sub-signal has no data (e.g. no PyPI downloads for an npm-only package), its weight is proportionally redistributed to the other sub-signals within the same dimension that do have data. This weight redistribution mechanism replaces the previous fallback value system — it ensures services are never penalised for missing data, and every score reflects exactly what can be verified.
Confidence levels. The system tracks how many dimensions have real data. Services with 5–6 dimensions scoring are rated high confidence, 3–4 are medium, 1–2 are low, and 0 are unverified. Confidence is displayed on each service profile.
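The confidence mapping is a straightforward lookup; a sketch (the function name is illustrative):

```python
def confidence_level(dimensions_with_data: int) -> str:
    """Map the count of dimensions with real data (0-6) to a confidence badge."""
    if dimensions_with_data >= 5:
        return "high"
    if dimensions_with_data >= 3:
        return "medium"
    if dimensions_with_data >= 1:
        return "low"
    return "unverified"
```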
How to improve a score. Fix known vulnerabilities. Maintain uptime. Keep the project active with regular releases. Improve documentation. Verify your publisher identity. There are no shortcuts — the only way to raise a score is to improve the underlying signals.
Score thresholds
Every indexed service falls into one of three tiers based on its composite score. These labels are shown publicly on the Trust Index.
| Score | Status | Meaning |
|---|---|---|
| 3.00 – 5.00 | Trusted | Low risk across all signals. Auto-approve for agent use. |
| 1.00 – 2.99 | Caution | Some signals flagged. Require human confirmation before granting access. |
| 0.00 – 0.99 | Blocked | Significant risks detected. Deny by default. |
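An agent consuming the index could apply these tiers with a simple threshold check; a sketch:

```python
def status_for(score: float) -> str:
    """Map a composite score to its public status tier."""
    if score >= 3.00:
        return "Trusted"   # low risk: auto-approve for agent use
    if score >= 1.00:
        return "Caution"   # require human confirmation
    return "Blocked"       # deny by default
```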
Trusted gate
Achieving Trusted status requires more than just a composite score above 3.00. The scoring engine applies a "trusted gate" — a data sufficiency check that prevents services with insufficient coverage from being labelled trusted prematurely.
To qualify for Trusted status, a service must:
- Have vulnerability data (the vulnerability dimension must have real data, not fallbacks)
- Have at least 4 out of 6 dimensions with real data
- Pass all safety override rules (no active critical CVEs, no deprecated packages, etc.)
If any of these conditions fail, the score is capped at 2.99 and the status is downgraded to Caution, regardless of the raw composite score.
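A minimal sketch of the gate, assuming boolean inputs for each condition; the names are illustrative, not the engine's API.

```python
def apply_trusted_gate(score: float, status: str, has_vuln_data: bool,
                       dimensions_with_data: int, passes_overrides: bool):
    """Downgrade Trusted to Caution (score capped at 2.99) when the
    data sufficiency conditions above aren't all met."""
    if status != "Trusted":
        return score, status  # the gate only applies to Trusted services
    if has_vuln_data and dimensions_with_data >= 4 and passes_overrides:
        return score, "Trusted"
    return min(score, 2.99), "Caution"
```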
Safety overrides
Beyond standard scoring, Fabric runs seven safety override rules that can force a service's status downward (never upward). These exist because certain conditions represent such severe risk that no combination of other signals should override them.
Vulnerability overrides (3-tier)
| Tier | Trigger | Effect |
|---|---|---|
| Critical/high unpatched | Any CVE with severity critical or high and no patch available | Vulnerability signal forced to 0, composite score capped at 0.99, status forced to Blocked |
| Critical/high patch available | CVE with severity critical or high, patch exists but not applied | Vulnerability signal capped at 1.5, composite score capped at 2.99, status downgraded to Caution |
| All patched | All known CVEs have been patched | No override — normal scoring applies |
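A sketch of the three tiers, assuming each CVE is represented by its severity and patch state; the representation is an assumption, not the engine's data model.

```python
def apply_vulnerability_override(vuln_signal: float, composite: float,
                                 status: str, cves: list):
    """cves: list of (severity, state) where state is 'no_patch',
    'patch_available', or 'patched'. Returns (signal, composite, status)."""
    severe = [state for severity, state in cves
              if severity in ("critical", "high")]
    if "no_patch" in severe:
        # Tier 1: unpatched, no fix available -> force Blocked
        return 0.0, min(composite, 0.99), "Blocked"
    if "patch_available" in severe:
        # Tier 2: fix exists but not applied -> cap at Caution
        return min(vuln_signal, 1.5), min(composite, 2.99), "Caution"
    # Tier 3: everything patched -> normal scoring applies
    return vuln_signal, composite, status
```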
Supply chain overrides
| Override | Trigger | Effect |
|---|---|---|
| Archived repository | The service's GitHub repository has been archived by its owner | Score capped at 0.99 — automatically Blocked. Archived repos receive no maintenance, no security patches, and no issue responses. |
| Deprecated package | The service's npm package is flagged as deprecated by its maintainer | Score capped at 0.99 — automatically Blocked. The maintainer has explicitly told users to stop using this package. |
| Repository transfer | The GitHub repository has been transferred to a different owner | Score frozen (can only decrease), −1.0 modifier applied, capped at 2.99, flagged for manual review. Telegram alert sent. |
| npm maintainer change | A maintainer has been removed from the npm package | Score frozen (can only decrease), −0.5 modifier applied, capped at 2.99. Telegram alert sent. |
Additional overrides
| Override | Trigger | Effect |
|---|---|---|
| Zero signal override | Any dimension has a genuine zero score (not a default) and status is Trusted | Downgraded to Caution, score capped at 2.99. A service with any dimension at absolute zero shouldn't be marked trusted. |
| Trusted gate | Status is Trusted but service lacks vulnerability data OR has fewer than 4 dimensions with data | Downgraded to Caution, score capped at 2.99. Ensures sufficient data coverage before granting trusted status. |
Why repo transfers matter. A legitimate repository transfer (e.g. a solo developer moving to an organisation account) looks identical to a malicious takeover at the API level. Fabric distinguishes between same-owner renames (no penalty) and different-owner transfers (frozen + penalty), but all transfers trigger review. This is the single most important safety mechanism in the scoring engine.
Overrides only push scores down. No override rule can increase a score or upgrade a status. The system is designed to be cautious — it will flag false positives that can be reviewed and cleared, but it will never miss a critical risk by applying an upward adjustment.
Data freshness
The scoring engine runs on a fixed schedule across all indexed services. Different signals are refreshed at different intervals depending on how quickly the underlying data changes.
| Job | Schedule | What it does |
|---|---|---|
| Health checks | Every 15 minutes | HTTP pings to service endpoints for uptime, latency, and error rate |
| CVE fast-path | Every 5 minutes | Checks OSV.dev delta feeds for new vulnerabilities affecting indexed packages — triggers immediate rescore on significant drops |
| CVE full scan | Hourly | Full vulnerability scan across all indexed packages and their dependency trees |
| Full collection | Daily (2am) | Runs all 23 sub-signal collectors across every service and recomputes scores |
| Watchdog | Daily (3am) | Anomaly detection across all scores — auto-fixes data quality issues and flags suspicious changes |
| Service discovery | Daily (4am–6am) | Scans 8+ sources for new AI services: npm, PyPI, GitHub topics, curated watchlist, GitHub Trending, Show HN, Product Hunt, YC Launches, plus MCP-specific sources |
When a new CVE is published that affects an indexed package, the fast-path scanner picks it up within 5 minutes and triggers an immediate score recomputation. Most scores reflect data that is at most 24 hours old, with vulnerability data being as fresh as 5 minutes and uptime data refreshed every 15 minutes.
No manual reviews. No paid placements. Trust scores are fully automated. Providers cannot pay for a higher score, request manual review, or influence their ranking. The only way to improve a score is to improve the underlying signals.
How to read a profile
Every service in the Trust Index has a dedicated profile page. Here's what each section tells you and how to use it.
Score ring
The large circular score at the top right of every profile. The ring fills proportionally to the score (0–5) and is colour-coded by status: Trusted green, Caution orange, or Blocked red. The number in the centre is the composite score to two decimal places. Below it you'll see the status label, a confidence badge (high / medium / low / unverified), and a timestamp showing when the score was last recalculated. A Beta badge indicates the scoring engine is in active beta.
Signal breakdown
Six expandable cards showing each dimension's individual score (0–5) alongside its weight percentage. Click any card to expand it and see the individual sub-signals that contributed to that dimension's score. Each sub-signal shows its name, effective weight (after redistribution), score bar, score number, a detail description, and the data source. Sub-signals without data are clearly marked and show "weight redistributed" — their weight was proportionally distributed to the sub-signals with real data.
About this score
A collapsible section below the signal breakdown showing the total number of sub-signals analysed for this service, the scoring engine version, and the current phase roadmap.
Privacy & compliance grid
A six-cell grid showing binary compliance signals: Training Opt-out, Retention Policy, SOC 2, GDPR, Model Card, and HIPAA. Each cell shows a green checkmark (confirmed), red X (not available), or grey "Unknown" (insufficient data). These are not factored into the trust score — they're supplementary context for your own evaluation.
Incident timeline
A chronological log of notable events affecting the service. Each entry is colour-coded: red for incidents, orange for degradation, blue for updates, and green for resolutions. Where possible, we show the score impact of each event (e.g. "−0.34" after a major outage, "+0.12" after a vulnerability patch). This helps you see how a score has changed over time and why.
Score history chart
A 90-day line chart showing the service's composite score over time. The gradient fill below the line is colour-coded by status. Hover over any point to see the exact score and date. Look for sudden drops (incidents), gradual declines (abandonment), or steady climbs (active improvement).
Community metrics
Aggregate usage data pulled from public sources: total downloads or runs, known integrations with agent frameworks, and community ratings from registries. These numbers provide context for the Adoption dimension — but they're shown separately so you can evaluate them independently.
Data sources
A list of every source we pulled data from to generate this profile's score. Each entry shows the source name and key stats (e.g. "GitHub · 34.2k ★ · 412 contributors"). This is our transparency layer — you can verify any claim by clicking through to the original source.
Categories
Every indexed service is assigned to one of eleven categories. Categories help you filter the directory and compare like-for-like — an LLM's Adoption dimension is normalised against other LLMs, not against the entire index.
| Category | What it includes | Examples |
|---|---|---|
| LLMs | Large language models and text generation APIs | Claude, GPT-4o, Gemini, Llama, Mistral |
| Image Generation | Text-to-image and image manipulation services | Flux Pro, DALL-E 3, Stable Diffusion, Midjourney API |
| Search | Web search, retrieval, and knowledge APIs | Perplexity, Brave Search API, Tavily, Exa |
| Code | Code generation, completion, and analysis tools | Cursor, GitHub Copilot, Codeium, Codex |
| Speech | Text-to-speech, speech-to-text, voice synthesis | Whisper, ElevenLabs, Deepgram, AssemblyAI |
| Agents | Autonomous agent frameworks and orchestration | LangChain, CrewAI, AutoGPT, OpenClaw |
| Data APIs | Structured data, enrichment, and analytics endpoints | Clearbit, ScrapingBee, Diffbot, Firecrawl |
| Embedding | Vector embedding and similarity models | OpenAI Embeddings, Cohere Embed, Voyage AI |
| Vision | Image understanding, OCR, and visual analysis | GPT-4 Vision, Claude Vision, Google Vision AI |
| Infrastructure | Model hosting, inference, and compute platforms | Replicate, Together AI, Modal, Hugging Face Inference |
| MCP Tools | Model Context Protocol servers and tool integrations | Filesystem MCP, GitHub MCP, Slack MCP, Brave MCP |
Category-normalised scoring. The Adoption dimension uses logarithmic normalisation against category peers. A niche MCP tool with 500 downloads isn't penalised against an LLM with 50 million — it's compared against other MCP tools. This prevents category bias in the overall score.
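The exact normalisation formula isn't published here, but one plausible reading, offered purely as an illustration, is min-max scaling of log downloads against category peers:

```python
import math

def category_normalised_score(downloads: int, peer_downloads: list) -> float:
    """Illustrative only, not the engine's actual formula: min-max scale
    log10(downloads) against the log-range of category peers, clamped to 0-5."""
    lo = math.log10(max(min(peer_downloads), 1))
    hi = math.log10(max(max(peer_downloads), 1))
    if hi == lo:
        return 2.5  # degenerate single-point category; assumed midpoint
    position = (math.log10(max(downloads, 1)) - lo) / (hi - lo)
    return 5.0 * min(max(position, 0.0), 1.0)
```

Under this reading, a 500-download MCP tool scores near the top of its tier if its MCP peers cluster in the hundreds, regardless of what LLM APIs are doing.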
Data sources
Every trust score is built from publicly available data. No private data. No paid data feeds. No provider self-reporting. Here are the sources Fabric uses, what we pull from them, and how often.
| Source | What we pull | Refresh |
|---|---|---|
| OSV.dev | CVE advisories, severity scores, affected versions, patch availability, dependency vulnerabilities | Every 5 min (fast-path) + hourly (full) |
| GitHub API | Commit frequency, release cadence, issue response time, contributor count, licence, stars, org info, archive status, ownership changes, CI/CD workflows, README size, SECURITY.md, CHANGELOG.md | Daily |
| npm Registry | Weekly downloads, version history, dependency tree, package metadata, deprecation status, maintainer list | Daily |
| PyPI + PyPI Stats | Download counts, version history, project metadata, classifiers, yanked releases | Daily |
| Fabric Monitor | Uptime %, p50/p99 latency, error rate, HTTP status codes, endpoint reachability | Every 15 minutes |
| VirusTotal | Malware scanning, URL reputation, content safety analysis (for ClawHub skills) | On discovery |
| Smithery.ai | MCP server metadata, security scan results | Daily |
Fabric Monitor is first-party data. Every other source above is public — anyone could build a scoring system from OSV + GitHub + npm. Fabric Monitor is the only dimension generated by our own infrastructure. We actively ping service endpoints, measure latency at p50/p99, and detect downtime on a 15-minute cycle. No provider can fake this data because they don't control the measurement.
Source reliability
Not all sources are always available. When a source is temporarily unreachable (e.g. GitHub API rate limit), the sub-signal is marked as "no data" and its weight is redistributed to the other sub-signals in the same dimension. This prevents a temporary data collection failure from unfairly tanking a score.
Improving your score
Trust scores are fully automated. There is no manual review process, no paid placement, and no way to influence your score other than improving the underlying signals. Here's what actually moves the needle, ordered by impact.
Highest impact — Vulnerability & Safety (25% weight)
- Patch known CVEs promptly — unpatched critical vulnerabilities carry the steepest penalties (−2.0 per CVE) and can trigger automatic blocking
- Audit your dependency tree — transitive vulnerabilities (in your dependencies' dependencies) also count against your score
- Remove unnecessary dependencies to reduce attack surface and lower your dependency count sub-signal
- Add a SECURITY.md with a responsible disclosure process (boosts the Transparency dimension's security policy sub-signal)
High impact — Maintenance Activity (15% weight)
- Commit regularly — the commit recency sub-signal scores <7 days as 5.0 and drops steeply after 30 days
- Release regularly — a consistent release cadence is a strong positive signal
- Respond to issues promptly — <24h median response time scores 5.0
- Add CI/CD workflows — the CI/CD presence sub-signal gives 5.0 for GitHub Actions workflows vs. 2.0 without
Moderate impact — Operational Reliability (15% weight)
- Maintain strong uptime — ≥99.9% scores 5.0, measured over a rolling 30-day window
- Ensure your endpoint URL is reachable — services with a live, monitored endpoint score higher than registry-only listings
- Keep p99 latency consistent and under 500ms
Moderate impact — Adoption (15% weight)
- Grow real usage organically — the signal uses logarithmic tiers and is category-normalised
- Sustained growth in downloads is a positive signal; sustained decline is a negative one
- GitHub stars contribute — ≥5k stars scores 4.0, >10k scores 5.0
Moderate impact — Transparency (15% weight)
- Open source your code — permissive OSI licences (MIT, Apache) score highest at 5.0
- Write thorough documentation with code examples — README >2kb with docs site scores 5.0
- For AI models: publish a model card (+0.5 bonus)
- Add a CHANGELOG.md alongside GitHub releases for maximum score
Moderate impact — Publisher Trust (15% weight)
- Use an organisation account rather than a personal account (+0.5 bonus)
- Build a track record — account age and number of maintained repositories matter (≥5 years scores 5.0)
- Keep identity consistent across registries — presence on GitHub + npm + PyPI scores 5.0
- Grow your organisation's external credibility (followers, total stars across repos)
You cannot pay for a higher score. Not now, not ever. The only way to improve is to genuinely improve the underlying signals. This is the entire point of Fabric — scores that mean something because they can't be bought.
FAQ
Is the Trust Index free?
Yes. The Trust Index website is completely free to browse. Every score, sub-signal breakdown, incident history, and data source is publicly accessible with no account required.
Is the scoring engine open source?
Yes. The entire Fabric Trust Index — the scoring engine, all 23 sub-signal collectors, the discovery pipeline, the override system, and the watchdog — is open source under the AGPL-3.0 licence. You can audit exactly how scores are computed, verify our methodology, or build on top of the scoring infrastructure for your own use. We believe trust infrastructure should be transparent and verifiable — not a black box.
What are sub-signals?
Sub-signals are the individual, independently scored components within each of the six dimensions. For example, the Vulnerability & Safety dimension has three sub-signals: Known CVEs, Dependency Health, and Supply Chain Basics. Each sub-signal has its own weight within its dimension, and when a sub-signal lacks data, its weight is redistributed proportionally to the sub-signals that do have data. You can see every sub-signal's score by expanding the dimension cards on any service's profile page.
How often are scores updated?
Health checks (uptime/latency) run every 15 minutes. CVE fast-path scanning runs every 5 minutes, checking OSV.dev delta feeds for newly published vulnerabilities — if a significant drop is detected, a rescore is triggered immediately. The full CVE scan runs hourly. All 23 sub-signal collectors run a full sweep daily at 2am, followed by a watchdog pass at 3am that detects and auto-fixes data quality anomalies. This means vulnerability data is at most 5 minutes old, uptime data is at most 15 minutes old, and all other signals are at most 24 hours old.
Can providers game the score?
It's extremely difficult. Gaming one sub-signal has minimal effect, because the 22 other independent sub-signals, spread across all six dimensions, would need to be spoofed simultaneously. The highest-weighted dimension (Vulnerability & Safety) is sourced from the OSV.dev CVE database, which providers can't manipulate. Operational Reliability is measured by Fabric's own monitoring infrastructure — providers don't control the measurement. Additionally, the safety override system can automatically block services that exhibit critical risk patterns (archived repos, deprecated packages, suspicious ownership transfers, npm maintainer changes), regardless of how strong their other signals are. The entire scoring engine is open source, so you can verify exactly how scores are computed.
What if my score is wrong?
Scores are algorithmically generated and may occasionally reflect stale data or edge cases. If you believe your score is inaccurate, you can use the "Report Issue" button on any profile page. We investigate all reports. Score adjustments only happen through updated data — the system has safety overrides that can cap scores downward (e.g. for critical CVEs), but no mechanism to manually inflate them.
Does being in the index require my consent?
No. The Trust Index scores services using publicly available data. It operates similarly to a search engine — if your service has a public GitHub repository, a package on npm, or a listing on Hugging Face, it may be indexed automatically. You can request delisting by contacting us, though this does not remove the underlying public data.
How are services discovered and added?
Fabric runs automated discovery scans daily against eight sources: package registries (npm, PyPI), GitHub topic search, a curated watchlist of high-profile AI platforms, GitHub Trending (Python and TypeScript), Show HN posts on Hacker News, Product Hunt AI launches, and YC Launch HN announcements. MCP servers are additionally discovered via Smithery.ai, mcp.so, and the ClawHub skills registry. When a new service is detected, it enters a metadata enrichment pipeline that automatically resolves its GitHub repository, npm package, and PyPI package from its organisation name — then it enters the scoring pipeline and appears in the index once initial data collection completes, typically within 24–48 hours. Users can also submit services for inclusion via the Trust Index.
What does "Blocked" actually mean?
A Blocked score means Fabric detected significant risk signals — typically active unpatched vulnerabilities (critical or high severity), malware indicators, an archived repository, a deprecated package, or a suspicious ownership transfer. It does not mean the service is malicious in every case, but it does mean we strongly recommend additional due diligence before using it. Some services are blocked purely because they've been abandoned by their maintainers — the code may be fine today, but nobody is patching it if a vulnerability is found tomorrow.
What is the scoring engine beta?
The scoring engine is in active beta. Sub-signal weights, data sources, and thresholds are being calibrated in real time as coverage expands across the index. Scores may shift between versions as new data sources come online and scoring logic is refined. Phase 1 (live) covers the core 23 sub-signal architecture with weight redistribution. Phase 2 (in progress) adds permission scope analysis, dependent package counts, and expanded collection sources.
Changelog
Notable changes to scoring methodology, data sources, and the Trust Index platform.
| Date | Change |
|---|---|
| 2 Mar 2026 | Updated scoring thresholds. Trusted threshold adjusted from 3.25 to 3.00. Caution range is now 1.00–2.99. Blocked remains below 1.00. |
| 2 Mar 2026 | Beta messaging. Beta badge added to all score displays, active beta disclaimer added to first-visit terms modal, "About this score" section added to profile pages. |
| 1 Mar 2026 | Sub-signal architecture (Phase 1). Scoring engine rebuilt from 6 flat signals to 23 independently scored sub-signals across 6 dimensions. Each sub-signal is individually verifiable. Weight redistribution replaces fallback values — when a sub-signal lacks data, its weight is proportionally distributed to sub-signals with real data. No defaults, no faking coverage. |
| 1 Mar 2026 | Rebalanced dimension weights. Maintenance Activity reduced from ×0.20 to ×0.15. Publisher Trust increased from ×0.10 to ×0.15. Operational Reliability reduced from ×0.20 to ×0.15. All five non-vulnerability dimensions now carry equal weight (15% each). |
| 1 Mar 2026 | Expandable sub-signal UI. Profile pages now show expandable cards for each dimension. Click to see individual sub-signal scores, weights, data sources, and whether data was available. |
| 1 Mar 2026 | Confidence levels. Every service now shows a confidence badge (high/medium/low/unverified) based on how many dimensions have real data. Displayed alongside the score on profile pages. |
| 1 Mar 2026 | Trusted gate. New data sufficiency check requiring vulnerability data + 4 dimensions with data to qualify for Trusted status. Prevents services with insufficient coverage from being marked trusted prematurely. |
| 28 Feb 2026 | Metadata enrichment engine. Automatic resolution of GitHub repos, npm packages, and PyPI packages from organisation names. 350 services enriched in initial backfill, resolving "No data" signals for platform-only services. |
| 27 Feb 2026 | Additional safety overrides. npm maintainer change detection (−0.5 penalty + Telegram alert), zero signal override (no dimension at absolute zero for trusted services), expanded vulnerability override tiers (critical/high unpatched, patch available, all patched). |
| 27 Feb 2026 | 8-source discovery engine. Services are now discovered from npm, PyPI, GitHub topics, curated watchlist, GitHub Trending, Show HN, Product Hunt, and YC Launches — plus MCP-specific sources (Smithery.ai, mcp.so, ClawHub). |
| 27 Feb 2026 | Batched self-chaining scoring. Full daily collection rewritten so that each batched invocation triggers the next, scoring all 5,800+ services within Vercel function timeout limits. |
| 26 Feb 2026 | Watchdog auto-remediation. Continuous scoring watchdog with 6 anomaly detectors and 3 auto-fixers. Telegram alerts for critical events. Golden set validation ensures 38 reference services stay correctly scored. |
| 26 Feb 2026 | Sitemap and SEO. Sitemap index for 5,700+ URLs with proper filtering and pagination. Scale milestone: 5,800+ services scored. |
| 26 Feb 2026 | Post-discovery enrichment. Auto-resolve GitHub repos and packages for newly discovered services. AI-generated trust assessments for all service product pages. |
| 25 Feb 2026 | Scoring validation suite. Golden set tests, health checks, and confidence indicator. 38 reference services validated against expected score ranges. |
| 23 Feb 2026 | Scoring engine v4.0. Supply chain override system — services with archived repos, deprecated npm packages, or suspicious ownership transfers are automatically blocked. Two-tier repo transfer detection distinguishes same-owner renames from different-owner transfers. Trusted threshold raised from 2.50 to 3.25. |
| 23 Feb 2026 | Product page overhaul. 17 fixes for accuracy and real data display. Scoring engine hardened with 12 targeted security, accuracy, and code quality improvements. |
| 21 Feb 2026 | Supabase backend. Scoring engine, signal collectors, cron jobs, and auto-discovery pipeline connected to Supabase. All services migrated from static JSON to live database. |
| 20 Feb 2026 | Trust Index launch. Public directory with initial AI service coverage. Six-signal scoring engine with data from OSV.dev, GitHub, npm, PyPI, and Fabric Monitor. Three status tiers: Trusted, Caution, Blocked. |
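The Trusted gate and confidence-level entries above can be sketched together. The dimension identifiers and the confidence cut-offs below are assumptions for illustration; Fabric does not publish the exact mapping, and we read "vulnerability data + 4 dimensions with data" as at least four dimensions with real data, one of which must be vulnerability data.

```python
def confidence_badge(dims_with_data):
    """Badge based on how many of the six dimensions have real data.

    Cut-offs here are hypothetical: 5-6 -> high, 3-4 -> medium,
    1-2 -> low, 0 -> unverified.
    """
    n = len(dims_with_data)
    if n >= 5:
        return "high"
    if n >= 3:
        return "medium"
    if n >= 1:
        return "low"
    return "unverified"


def trusted_gate(composite_score, dims_with_data):
    """Data-sufficiency check from the 1 Mar 2026 changelog entry.

    Trusted requires the score threshold (3.00) plus vulnerability
    data and at least four dimensions with real data (interpretation
    assumed; "vulnerability_safety" is an illustrative identifier).
    """
    return (
        composite_score >= 3.0
        and "vulnerability_safety" in dims_with_data
        and len(dims_with_data) >= 4
    )
```

A service scoring 3.4 with only three populated dimensions would therefore land in Caution territory despite clearing the numeric threshold, which is exactly the premature-Trusted case the gate exists to prevent.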
Scoring methodology changes are always documented here. If we adjust signal weights, add new data sources, or change threshold boundaries, it will be logged with the date and rationale. Scores should be auditable.
Legal
By using Fabric's Trust Index or any other part of the Service, you agree to the following. Full legal documents are linked below — this section summarises the key points relevant to users.
Trust scores are informational, not guarantees
Fabric trust scores are algorithmically generated from public third-party data sources. They are point-in-time assessments and may not reflect the current state of any indexed service. The scoring engine is in active beta — signals, sub-signal weights, and thresholds are being calibrated as coverage expands. Scores should not be your sole basis for any decision involving data security, financial transactions, or the selection of AI tools for business-critical applications. A "Trusted" score does not mean a service is safe — it means low risk was detected at the time of scoring.
No endorsement of third-party services
Fabric does not operate, control, endorse, or guarantee any third-party service indexed in the Trust Index. We aggregate and analyse data to generate scores. We do not audit, certify, or recommend any provider. Inclusion in the index is automatic and does not imply any relationship between Fabric and the indexed service.
Limitation of liability
To the maximum extent permitted by law, Fabric shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the Service, reliance on trust scores, or interactions with third-party services discovered through Fabric. Total aggregate liability is capped at the greater of fees paid in the preceding 12 months or US$100.
Full legal documents
| Document | Covers |
|---|---|
| Terms of Service | Usage terms, acceptable use, intellectual property, termination, liability, dispute resolution |
| Privacy Policy | Data collection, processing, retention, security, international transfers, your rights under GDPR and Australian Privacy Act |
| Disclaimer | Score accuracy limitations, third-party data reliance, emerging technology caveats, no professional advice |
Fabric Layer Technologies Ltd. For legal enquiries, contact legal@fabriclayer.ai.