Acorn221 · 63.1/100 — Rate My GitHub

01 · Roasts

79% Jupyter, 0 Stars on the ML Stuff

Your language breakdown is basically a confession: 79% Jupyter Notebook but none of those notebooks made it into the scored repos. That's a lot of exploratory cells going nowhere public — ship a model, not just a kernel.

IEEE Paper, 19 Stars — Still a D Tier

You got a peer-reviewed conference paper and a Chrome Web Store listing for CubeAuthn and still couldn't crack 20 stars. The Rubik's cube auth idea is genuinely clever; the distribution strategy clearly isn't.

Graveyard Curator

staleRepoRatio of 0.61 means 6 in 10 of your repos haven't been touched in 2+ years. At 61 public repos, that's roughly 37 digital skeletons. Consider a mass burial or a mass revival.

4 PRs in a Year

totalPRsYear=4 and totalIssuesYear=2. You're building elaborate WebRTC sync coordinators and crypto extensions in isolation. Open source is a conversation — you're sending letters and forgetting to post them.

Security Researcher With a 2-Day Repo

multipassword-exploit-demo: created 2026-03-09, last push 2026-03-11. Two days of existence, 600+ lines of exploit code, responsible disclosure, and then silence. At least the CVE timeline is longer than the commit history.

Built using

Zoral

Shadows one worker for a week, then takes over their job with zero extra setup. Behaves exactly like the original.

zoral.ai

02 · Category breakdown

Impact
25% weight
58D
Consistency
20% weight
55D
Quality
20% weight
69C
Depth
15% weight
65C
Breadth
10% weight
55D
Community
10% weight
40D

03 · Stats

365-day commit heatmap

309 active days

Less

Language distribution

7 langs

Jupyter Notebook79%
TypeScript11%
JavaScript3%
C++2%
TeX1%
Cuda1%
Other3%

04 · Numbers

Owned repos

non-fork

Commits

last 12 months

577

Followers

Joined GitHub

May 2017

05 · Top repos

Acorn221 /

Arnott.tech

59/100

A well-crafted personal website with sophisticated real-time sync infrastructure (BroadcastChannel + WebRTC + time sync) built in TypeScript. Demonstrates strong architectural thinking and multi-transport coordination, though nascent project with 0 stars.

I40Q72D65

READMETestsCITyped

TypeScript★ 02mo ago

Acorn221 /

CubeAuthn

57/100

TypeScript Chrome extension implementing novel WebAuthn-compatible passkey authentication via Rubik's cube physical state. Published paper + Chrome Web Store release, though PoC-stage with known security limitations and limited hardware support.

I55Q65D50

READMECITyped

TypeScript★ 195mo ago

Acorn221 /

multipassword-exploit-demo

42/100

Security research PoC demonstrating a zero-click credential theft vulnerability (CVE-pending) in MultiPassword Chrome extension via ccTLD domain collapse, wildcard postMessage, and missing origin checks. Well-documented attack chain with working exploit code.

I25Q65D35

README

JavaScript★ 02mo ago

06 · Timeline

May 26, 2017
Joined GitHub
Jul 16, 2022
Created Arnott.tech — This is my personal website!
Jun 10, 2025
Created CubeAuthn — Rubiks cube based passkeys
Mar 9, 2026
Created multipassword-exploit-demo — Zero-click credential + TOTP theft PoC for MultiPassword Chrome extension (0.98.11–0.98.70)
Mar 27, 2026
Most recent push to Arnott.tech

07 · Compare

Compare Acorn221 against

github.com/

Acorn221 · 6dmedian coder

08 · Rubric

How this score was produced

Overall = Σ (category × weight) + gentle top-end curve

CategoryWeightScoreContrib.

Raw total58.5

Top-end curve+4.6

Final overall63.1

Tier thresholds

S90–100Mass-producing humansA80–89Ship machineB70–79Solid engineerC60–69Getting thereD40–59README enthusiastF0–39GitHub tourist

▸ How the pipeline works

01Scrape.Pull every non-fork repo pushed in the last 90 days, plus your contribution calendar, followers, and language byte counts — straight from GitHub's REST & GraphQL APIs.
02Triage.A small model reads every repo's file tree + README and picks the 20 files per repo that actually reveal how you code.
03Grade each repo. All repos run in parallel through a fast scoring model that reads the picked files and rates each one independently on Impact, Quality, and Depth — with evidence citations.
04Aggregate. A larger reasoning model combines the per-repo scores with server-computed stats (heatmap, commit cadence, language entropy, follower count) to produce the 6-dimension profile score + roasts.
05Correct.Deterministic server-side checks enforce anchor-scale floors (e.g. a profile with 2,000+ public commits can't score 30 Consistency) and recompute the final verdict.

~90 seconds per profile, ~$0.25 in compute. Total of ~240 files read across your top-12 repos. One rating per GitHub account per day.

▸ Data sources & caveats

Heatmap & commit totals: GitHub GraphQL contributionsCollection — covers the last 365 days, includes private repos when the user has opted in (default).
Language %: byte totals across the top 30 owned non-fork repos.
Curve: a small upward nudge centered on raw score ≈ 70, capping at 100. Prevents specialists from being unfairly penalised for narrow breadth.
Anchor corrections: when server-measured signals (e.g. privateWorkLikely, multiRepoVolume, follower count) mandate a minimum category score, the aggregation step enforces it. These are signal-conditional, not identity-based floors.