Every card below was actually executed by the lab — under-the-radar repos that installed clean and did what they claim, verified in the sandbox, not guessed from the README. From 1,473 repos tested so far.
ESAA-Security
A security auditing framework that applies the ESAA (Event-Sourced Software Architecture) pattern to automated audits.
Insight A security auditing framework that applies the ESAA (Event-Sourced Software Architecture) pattern to automated audits.
github.com/elzobrito/ESAA-Security ↗
Witness
Witness is a pluggable framework for software supply chain risk management that automates and verifies artifact provenance using the in-toto specification.
Insight Witness is a pluggable framework for software supply chain risk management that automates and verifies artifact provenance using the in-toto specification.
github.com/in-toto/witness ↗
Lumina AI Assistant
Lumina is a full-stack AI assistant that uses a hybrid RAG (Retrieval-Augmented Generation) approach combining Pinecone vector search and Neo4j graph traversal.
Insight The project has a complete file structure, multiple deployment targets (Vercel, Netlify, Docker), and clear documentation.
github.com/hoangsonww/AI-RAG-Assistant-Chatbot ↗
NexusRAG
NexusRAG is a hybrid Retrieval-Augmented Generation (RAG) system that combines vector search with a Knowledge Graph (LightRAG) and cross-encoder reranking.
Insight The project has a complete structure with a frontend (React/Vite), backend (FastAPI), and comprehensive documentation.
github.com/LeDat98/NexusRAG ↗
Jjodel Trace Explorer
A web-based visualization tool for exploring execution traces generated during the formal verification of Jjodel models.
Insight The project has a complete structure with a manifest, Dockerfile, and clear dependencies.
github.com/antbucc/jjodel-trace-explorer ↗
Traverse
A suite of static analysis tools for Solidity smart contracts that generates call graphs, test stubs, and storage maps.
Insight Installed cleanly on the first try.
github.com/calltrace/traverse ↗