2ndSetAI

2ndSetAI / good-egg

Public

Trust scoring for GitHub PR authors using graph-based ranking on contribution graphs

code-review github-action python security trust-scoring
19
0
100% credibility
Found Feb 12, 2026 at 14 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

Good Egg analyzes a GitHub user's history of merged contributions across projects to compute a personalized trust score relative to a target repository.

How It Works

1
🔍 Discover Good Egg

You learn about Good Egg, a friendly checker that rates how trustworthy someone is when they offer changes to your project by looking at their past helpful work.

2
📥 Add to your project

You easily add Good Egg to your project settings so it watches for new change offers.

3
🔑 Give viewing permission

You allow Good Egg to peek at public work histories on the platform to do its checks.

4
New change offer arrives

Someone suggests changes to your project, and Good Egg instantly reviews their background.

5
📊 See the trust rating

A clear note appears showing if they're highly trusted, somewhat known, new, or a helper bot.

6
Review with confidence

You quickly decide to accept, review closely, or chat based on their proven track record.

🥚 Build with trusted helpers

Your project thrives as Good Egg helps you welcome reliable contributors safely.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 14 to 19 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is good-egg?

Good-egg is a Python tool that scores GitHub PR authors' trustworthiness by analyzing their merged PR history across the ecosystem, using graph-based ranking personalized to your repo's language and context. It tackles the burden of trust scoring in an AI era where mass-generated PRs erode the signal of genuine contributions, delivering levels like HIGH for established devs with strong cross-project track records or LOW for newcomers needing manual review. Run it via CLI (`good-egg score --repo owner/repo`), GitHub Action for auto PR comments, or Python library for custom integrations.

Why is it gaining traction?

It stands out with dynamic trust scoring that factors recency, repo quality, and language matches—no manual vouching or simplistic metrics like follower count. The GitHub Action posts clear summaries (e.g., "HIGH Trust: 85%") with top contributions and flags bots or new accounts, plus YAML config for thresholds and an MCP server for AI tools claiming trust propagation in RAG systems. Developers hook it for github trust and safety without building from scratch.

Who should use this?

Open-source maintainers drowning in spam PRs from unknown authors. Teams enforcing github zero trust for external contributions in popular repos. Security leads automating github trust center checks before merging.

Verdict

Worth adding to your PR workflow if you review stranger PRs—solid docs, CLI, and Action make it plug-and-play despite 14 stars and 1.0% credibility score signaling early beta maturity. Test on your repos; MIT license lowers risk.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.