Improve awslabs/iam-policy-autopilot Trust Score
Personalized improvement plan. Updated 2026-03-19.
Improvement Actions
Ranked by point impact. Each action includes a copy-paste template.
1. Add SECURITY.md
A SECURITY.md file tells users how to report vulnerabilities. This is a strong trust signal.
```markdown
# Security Policy

## Supported Versions

| Version | Supported |
| ------- | --------- |
| latest  | ✅ |

## Reporting a Vulnerability

Please report security vulnerabilities to [email protected]

We will respond within 48 hours and provide a fix timeline.
Do NOT open public issues for security vulnerabilities.
```
2. Add security scanning CI
Automated security scanning in CI catches vulnerabilities before they reach users.
```yaml
# .github/workflows/security.yml
name: Security Scan
on:
  push:
    branches: [main]
  pull_request:
  schedule:
    - cron: '0 6 * * 1'
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Trivy vulnerability scanner
        # Pin to a release tag or commit SHA rather than the mutable master branch
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          severity: 'HIGH,CRITICAL'
```
3. Update dependencies
Outdated dependencies lower your activity score. Run dependency updates and commit.
```bash
# For Python:
pip install --upgrade -r requirements.txt
pip freeze > requirements.txt

# For Node:
npx npm-check-updates -u
npm install
```
4. Set up automated dependency updates
Dependabot or Renovate keeps dependencies fresh automatically.
```yaml
# .github/dependabot.yml
version: 2
updates:
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 5
```
5. Add comprehensive README sections
READMEs with installation, usage examples, and API docs score higher.
````markdown
## Installation

```bash
pip install awslabs-iam-policy-autopilot
```

## Quick Start

```python
from awslabs_iam_policy_autopilot import Client

client = Client()
result = client.run()
print(result)
```

## API Reference

See [docs/api.md](docs/api.md) for full API documentation.

## Contributing

See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
````
6. Add to package registries
Publishing to PyPI/npm increases discoverability and downloads.
```bash
# PyPI:
python -m build
twine upload dist/*

# npm:
npm publish
```
7. Add CONTRIBUTING.md
A contributing guide encourages community participation and signals project maturity.
```markdown
# Contributing to awslabs/iam-policy-autopilot

## Getting Started

1. Fork the repository
2. Create a feature branch: `git checkout -b feature/my-feature`
3. Commit changes: `git commit -am 'Add feature'`
4. Push: `git push origin feature/my-feature`
5. Open a Pull Request

## Code Style

- Follow existing code patterns
- Add tests for new features
- Update documentation as needed

## Bug Reports

Use GitHub Issues with a clear description and reproduction steps.
```
8. Add .well-known/agent.json
The agent.json file makes your tool discoverable by AI agents and registries.
```json
{
  "name": "awslabs/iam-policy-autopilot",
  "description": "IAM Policy Autopilot is an open source static code analysis tool that helps you quickly create baseline AWS IAM policies that you can refine as your application evolves. This tool is available as a co",
  "version": "1.0.0",
  "capabilities": [],
  "trust_score": "https://nerq.ai/is-awslabs-iam-policy-autopilot-safe"
}
```
9. Add Nerq Trust Badge
The trust badge shows visitors your security rating at a glance.
[](https://nerq.ai/is-awslabs-iam-policy-autopilot-safe)
Competitors in devops
| Name | Trust | Grade | Stars |
|---|---|---|---|
| vercel/workflow | 92 | A+ | 1.8k |
| proffesor-for-testing/agentic-qe | 91 | A+ | 196 |
| vfarcic/dot-ai | 90 | A+ | 294 |
| laravel/boost | 90 | A+ | 3.3k |
| vercel-labs/agent-browser | 90 | A | 18.0k |
Need help improving?
Implement these actions and your score will update automatically on the next crawl.