Improve VoltAgent/voltagent Trust Score
Personalized improvement plan. Updated 2026-03-18.
Current Score
After Improvements
Improvement Actions
Ranked by point impact. Each action includes a copy-paste template.
1. Add SECURITY.md
A SECURITY.md file tells users how to report vulnerabilities. This is a strong trust signal.
Copy template
# Security Policy ## Supported Versions | Version | Supported | | ------- | --------- | | latest | ✅ | ## Reporting a Vulnerability Please report security vulnerabilities to [email protected] We will respond within 48 hours and provide a fix timeline. Do NOT open public issues for security vulnerabilities.
2. Add security scanning CI
Automated security scanning in CI catches vulnerabilities before they reach users.
Copy template
# .github/workflows/security.yml
name: Security Scan
on:
push:
branches: [main]
pull_request:
schedule:
- cron: '0 6 * * 1'
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
severity: 'HIGH,CRITICAL'3. Update dependencies
Outdated dependencies lower your activity score. Run dependency updates and commit.
Copy template
# For Python: pip install --upgrade -r requirements.txt pip freeze > requirements.txt # For Node: npx npm-check-updates -u npm install
4. Set up automated dependency updates
Dependabot or Renovate keeps dependencies fresh automatically.
Copy template
# .github/dependabot.yml
version: 2
updates:
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 55. Add comprehensive README sections
READMEs with installation, usage examples, and API docs score higher.
Copy template
## Installation ```bash pip install voltagent-voltagent ``` ## Quick Start ```python from voltagent_voltagent import Client client = Client() result = client.run() print(result) ``` ## API Reference See [docs/api.md](docs/api.md) for full API documentation. ## Contributing See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
6. Add to package registries
Publishing to PyPI/npm increases discoverability and downloads.
Copy template
# PyPI: python -m build twine upload dist/* # npm: npm publish
7. Add CONTRIBUTING.md
A contributing guide encourages community participation and signals project maturity.
Copy template
# Contributing to VoltAgent/voltagent ## Getting Started 1. Fork the repository 2. Create a feature branch: `git checkout -b feature/my-feature` 3. Commit changes: `git commit -am 'Add feature'` 4. Push: `git push origin feature/my-feature` 5. Open a Pull Request ## Code Style - Follow existing code patterns - Add tests for new features - Update documentation as needed ## Bug Reports Use GitHub Issues with a clear description and reproduction steps.
8. Add .well-known/agent.json
The agent.json file makes your tool discoverable by AI agents and registries.
Copy template
{
"name": "VoltAgent/voltagent",
"description": "AI Agent Engineering Platform built on an Open Source TypeScript AI Agent Framework",
"version": "1.0.0",
"capabilities": [],
"trust_score": "https://nerq.ai/is-voltagent-voltagent-safe"
}9. Add Nerq Trust Badge
The trust badge shows visitors your security rating at a glance.
Copy template
[](https://nerq.ai/is-voltagent-voltagent-safe)
Competitors in infrastructure
| Name | Trust | Grade | Stars | |
|---|---|---|---|---|
| IBM/mcp-context-forge | 95 | A+ | 3.4k | improve |
| NVIDIA/NeMo-Agent-Toolkit | 93 | A+ | 1.9k | improve |
| vstorm-co/full-stack-fastapi-nextjs-llm-template | 93 | A+ | 585 | improve |
| williamzujkowski/strudel-mcp-server | 92 | A+ | 158 | improve |
| agentset-ai/agentset | 91 | A+ | 1.9k | improve |
Need help improving?
Implement these actions and your score will update automatically on the next crawl.