Home/guildai/Trust report Trust and health report
guildai - trust report
Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.
GraphCanon updated today · GitHub synced today
Maintenance
Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.
last push 438d ago · last release 4y
Provenance
Repository identity and fork provenance (github_public_v1).
- GitHub repo id: 105057392
- Not a fork
- Verified publisher: organization account
- Computed today
Security scan
Dependency advisory security scan when a lockfile is present. Not a full code audit.
- Status
- 138 low
- Last scan
- today
- Scanner
- osv@v1
Findings
GHSA-3f63-hfp8-52jq
Pillow@5.0 · requirements.txt
GHSA-3wvg-mj6g-m9cv
Pillow@5.0 · requirements.txt
GHSA-3xv8-3j54-hgrp
Pillow@5.0 · requirements.txt
GHSA-43fq-w8qq-v88h
Pillow@5.0 · requirements.txt
GHSA-44wm-f244-xhp3
Pillow@5.0 · requirements.txt
GHSA-4fx9-vc88-q2xc
Pillow@5.0 · requirements.txt
GHSA-57h3-9rgr-c24m
Pillow@5.0 · requirements.txt
GHSA-5gm3-px64-rw72
Pillow@5.0 · requirements.txt
GHSA-7534-mm45-c74v
Pillow@5.0 · requirements.txt
GHSA-77gc-v2xv-rvvh
Pillow@5.0 · requirements.txt
GHSA-7r7m-5h27-29hp
Pillow@5.0 · requirements.txt
GHSA-8843-m7mw-mxqm
Pillow@5.0 · requirements.txt
GHSA-8ghj-p4vj-mr35
Pillow@5.0 · requirements.txt
GHSA-8vj2-vxx3-667w
Pillow@5.0 · requirements.txt
GHSA-8xjq-8fcg-g5hw
Pillow@5.0 · requirements.txt
GHSA-95q3-8gr9-gm8w
Pillow@5.0 · requirements.txt
GHSA-9j59-75qj-795w
Pillow@5.0 · requirements.txt
GHSA-cqhg-xjhh-p8hf
Pillow@5.0 · requirements.txt
GHSA-f4w8-cv6p-x6r5
Pillow@5.0 · requirements.txt
GHSA-f5g8-5qq7-938w
Pillow@5.0 · requirements.txt
GHSA-g6rj-rv7j-xwp4
Pillow@5.0 · requirements.txt
GHSA-hf64-x4gq-p99h
Pillow@5.0 · requirements.txt
GHSA-hj69-c76v-86wr
Pillow@5.0 · requirements.txt
GHSA-j7hp-h8jx-5ppr
Pillow@5.0 · requirements.txt
GHSA-j7mj-748x-7p78
Pillow@5.0 · requirements.txt
GHSA-jgpv-4h4c-xhw3
Pillow@5.0 · requirements.txt
GHSA-m2vv-5vj5-2hm7
Pillow@5.0 · requirements.txt
GHSA-mvg9-xffr-p774
Pillow@5.0 · requirements.txt
GHSA-p43w-g3c5-g5mq
Pillow@5.0 · requirements.txt
GHSA-p49h-hjvm-jg3h
Pillow@5.0 · requirements.txt
GHSA-pw3c-h7wp-cvhx
Pillow@5.0 · requirements.txt
GHSA-q5hq-fp76-qmrc
Pillow@5.0 · requirements.txt
GHSA-r73j-pqj5-w3x7
Pillow@5.0 · requirements.txt
GHSA-r7rm-8j6h-r933
Pillow@5.0 · requirements.txt
GHSA-rwv7-3v45-hg29
Pillow@5.0 · requirements.txt
GHSA-vcqg-3p29-xw73
Pillow@5.0 · requirements.txt
GHSA-vj42-xq3r-hr3r
Pillow@5.0 · requirements.txt
GHSA-vqcj-wrf2-7v73
Pillow@5.0 · requirements.txt
GHSA-wjx4-4jcj-g98j
Pillow@5.0 · requirements.txt
GHSA-xrcv-f9gm-v42c
Pillow@5.0 · requirements.txt
PYSEC-2019-110
Pillow@5.0 · requirements.txt
PYSEC-2020-172
Pillow@5.0 · requirements.txt
PYSEC-2020-76
Pillow@5.0 · requirements.txt
PYSEC-2020-77
Pillow@5.0 · requirements.txt
PYSEC-2020-78
Pillow@5.0 · requirements.txt
PYSEC-2020-79
Pillow@5.0 · requirements.txt
PYSEC-2020-80
Pillow@5.0 · requirements.txt
PYSEC-2020-81
Pillow@5.0 · requirements.txt
PYSEC-2020-82
Pillow@5.0 · requirements.txt
PYSEC-2020-83
Pillow@5.0 · requirements.txt
PYSEC-2020-84
Pillow@5.0 · requirements.txt
PYSEC-2021-137
Pillow@5.0 · requirements.txt
PYSEC-2021-138
Pillow@5.0 · requirements.txt
PYSEC-2021-139
Pillow@5.0 · requirements.txt
PYSEC-2021-317
Pillow@5.0 · requirements.txt
PYSEC-2021-331
Pillow@5.0 · requirements.txt
PYSEC-2021-35
Pillow@5.0 · requirements.txt
PYSEC-2021-36
Pillow@5.0 · requirements.txt
PYSEC-2021-37
Pillow@5.0 · requirements.txt
PYSEC-2021-38
Pillow@5.0 · requirements.txt
PYSEC-2021-39
Pillow@5.0 · requirements.txt
PYSEC-2021-40
Pillow@5.0 · requirements.txt
PYSEC-2021-41
Pillow@5.0 · requirements.txt
PYSEC-2021-42
Pillow@5.0 · requirements.txt
PYSEC-2021-69
Pillow@5.0 · requirements.txt
PYSEC-2021-70
Pillow@5.0 · requirements.txt
PYSEC-2021-71
Pillow@5.0 · requirements.txt
PYSEC-2021-92
Pillow@5.0 · requirements.txt
PYSEC-2021-93
Pillow@5.0 · requirements.txt
PYSEC-2021-94
Pillow@5.0 · requirements.txt
PYSEC-2022-10
Pillow@5.0 · requirements.txt
PYSEC-2022-168
Pillow@5.0 · requirements.txt
PYSEC-2022-42979
Pillow@5.0 · requirements.txt
PYSEC-2022-42980
Pillow@5.0 · requirements.txt
PYSEC-2022-8
Pillow@5.0 · requirements.txt
PYSEC-2022-9
Pillow@5.0 · requirements.txt
PYSEC-2023-175
Pillow@5.0 · requirements.txt
PYSEC-2023-227
Pillow@5.0 · requirements.txt
PYSEC-2026-165
Pillow@5.0 · requirements.txt
PYSEC-2026-1793
Pillow@5.0 · requirements.txt
PYSEC-2026-1794
Pillow@5.0 · requirements.txt
PYSEC-2026-457
Pillow@5.0 · requirements.txt
GHSA-8q59-q68h-6hv4
PyYAML@2.12 · requirements.txt
GHSA-rprw-h62v-c2w7
PyYAML@2.12 · requirements.txt
PYSEC-2018-49
PyYAML@2.12 · requirements.txt
PYSEC-2021-142
PyYAML@2.12 · requirements.txt
GHSA-29vq-49wr-vm6x
Werkzeug@0.15 · requirements.txt
GHSA-2g68-c3qc-8985
Werkzeug@0.15 · requirements.txt
GHSA-87hc-h4r5-73f7
Werkzeug@0.15 · requirements.txt
GHSA-f9vj-2wh5-fj8j
Werkzeug@0.15 · requirements.txt
GHSA-gq9m-qvpx-68hc
Werkzeug@0.15 · requirements.txt
GHSA-hgf8-39gv-g3f2
Werkzeug@0.15 · requirements.txt
GHSA-j544-7q9p-6xp8
Werkzeug@0.15 · requirements.txt
GHSA-px8h-6qxv-m22q
Werkzeug@0.15 · requirements.txt
GHSA-xg9f-g7g7-2323
Werkzeug@0.15 · requirements.txt
PYSEC-2019-140
Werkzeug@0.15 · requirements.txt
PYSEC-2022-203
Werkzeug@0.15 · requirements.txt
PYSEC-2023-221
Werkzeug@0.15 · requirements.txt
PYSEC-2023-57
Werkzeug@0.15 · requirements.txt
PYSEC-2023-58
Werkzeug@0.15 · requirements.txt
PYSEC-2026-1065
Werkzeug@0.15 · requirements.txt
PYSEC-2026-2043
Werkzeug@0.15 · requirements.txt
PYSEC-2026-2044
Werkzeug@0.15 · requirements.txt
PYSEC-2026-2045
Werkzeug@0.15 · requirements.txt
PYSEC-2026-2046
Werkzeug@0.15 · requirements.txt
GHSA-qmgc-5h2g-mvrw
filelock@3.0.12 · requirements.txt
GHSA-w853-jp5j-5j7f
filelock@3.0.12 · requirements.txt
PYSEC-2026-1374
filelock@3.0.12 · requirements.txt
PYSEC-2026-1375
filelock@3.0.12 · requirements.txt
GHSA-cpwx-vrp4-4pq7
jinja2@3.0.3 · requirements.txt
GHSA-gmj6-6f8f-6699
jinja2@3.0.3 · requirements.txt
GHSA-h5c8-rqwp-cp95
jinja2@3.0.3 · requirements.txt
GHSA-h75v-3vvj-5mfj
jinja2@3.0.3 · requirements.txt
GHSA-q2x7-8rv6-6q7h
jinja2@3.0.3 · requirements.txt
PYSEC-2026-1471
jinja2@3.0.3 · requirements.txt
PYSEC-2026-1472
jinja2@3.0.3 · requirements.txt
PYSEC-2026-1473
jinja2@3.0.3 · requirements.txt
PYSEC-2026-1474
jinja2@3.0.3 · requirements.txt
PYSEC-2026-1475
jinja2@3.0.3 · requirements.txt
GHSA-5545-2q6w-2gh6
numpy@1.16 · requirements.txt
GHSA-6p56-wp2h-9hxr
numpy@1.16 · requirements.txt
GHSA-9fq2-x9r6-wfmf
numpy@1.16 · requirements.txt
GHSA-f7c7-j99h-c22f
numpy@1.16 · requirements.txt
GHSA-fpfv-jqm9-f5jm
numpy@1.16 · requirements.txt
PYSEC-2019-108
numpy@1.16 · requirements.txt
PYSEC-2021-856
numpy@1.16 · requirements.txt
PYSEC-2021-857
numpy@1.16 · requirements.txt
GHSA-qfc5-mcwq-26q8
psutil@5.6.3 · requirements.txt
PYSEC-2019-41
psutil@5.6.3 · requirements.txt
GHSA-jjw5-xxj6-pcv5
scikit-learn@0.19.1 · requirements.txt
GHSA-jw8x-6495-233v
scikit-learn@0.19.1 · requirements.txt
PYSEC-2020-107
scikit-learn@0.19.1 · requirements.txt
PYSEC-2020-108
scikit-learn@0.19.1 · requirements.txt
PYSEC-2024-110
scikit-learn@0.19.1 · requirements.txt
GHSA-597g-3phw-6986
virtualenv@15.1.0 · requirements.txt
GHSA-rqc4-2hc7-8c8v
virtualenv@15.1.0 · requirements.txt
PYSEC-2024-187
virtualenv@15.1.0 · requirements.txt
PYSEC-2026-2009
virtualenv@15.1.0 · requirements.txt
Method and caveats:these are sourced, dated heuristics from public GitHub data and optional dependency scans. A status like "no criticals found on 2026-07-11" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/guildai-guildai/trust.
Common questions
- Is guildai maintained?
- GraphCanon rates guildai "Dormant" (18% maintenance signal from public GitHub metadata, computed today). Last push was 438 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
- Is guildai safe to use?
- Last scanned today (deps profile). Status: 138 low - 138 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify guildai as safe - review maintenance, provenance, and scan findings on this page before adopting.
- Is guildai a fork?
- No. guildai is not flagged as a fork in GitHub metadata at the time of the last refresh.
- Does guildai have known security vulnerabilities?
- Last scanned today (deps profile). Status: 138 low - 138 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
- How often is the guildai trust report updated?
- Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
- What does GraphCanon never claim about guildai?
- We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for guildai. Signals are sourced heuristics with explicit limits - see trust methodology.
- How does GraphCanon assess trust for guildai?
- Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.