01 · Roasts
The Graveyard Gardener
blogify has CI and an actual MERN architecture — your most polished repo — and your first move was to abandon it post-internship. Nothing says 'I learned it, I shipped it, goodbye' quite like that.
Test-Phobic Across the Board
6 repos scored, 0 test suites found. Not one. ghostchat, torchat, secure-upload-system — all shipping into the void with zero automated confidence. Even your intentionally broken vuln lab has more honesty than your test coverage.
One-Week Wonder Factory
secure-upload-system: created April 17, last push April 23 — 6 days. vuln-pract-web-apps: 19 days. ghostchat shows a future last-push date from clock skew. You're speed-running the sprint-then-ghost lifecycle.
157 Commits, Zero Streaks
Your heatmap reads like Morse code — bursts of 4s followed by empty rows for weeks. 157 commits/year averages 3/week but the distribution is pure chaos. Pick a day, show up.
Cybersecurity Enthusiast, Unencrypted Codebase
You're on TryHackMe and built a Tor-encrypted chat app, yet most repos have no .gitignore, no license, hardcoded endpoints to render.com, and an in-memory users array where a database should be. The threat model ends at the README.
Built using
Zoral
Shadows one worker for a week, then takes over their job with zero extra setup. Behaves exactly like the original.
zoral.ai
02 · Category breakdown
- Impact25% weight36F
- Consistency20% weight35F
- Quality20% weight36F
- Depth15% weight50D
- Breadth10% weight65C
- Community10% weight40D
03 · Stats
365-day commit heatmap
121 active days
Language distribution
- JavaScript57%
- Python20%
- HTML13%
- EJS4%
- C3%
- CSS2%
- Other1%
04 · Numbers
Owned repos
non-fork
22
Commits
last 12 months
157
Followers
12
Joined GitHub
Aug 2023
05 · Top repos
blackXploit-404 /
blogify
Personal MERN blog platform completed as winter internship project. Typed JavaScript frontend, untyped backend, basic auth/profile/admin features. Shipping quality code but explicitly no longer maintained. No production adoption signals.
blackXploit-404 /
torchat
TorChat is a Python-based peer-to-peer chat application over Tor with ChaCha20-Poly1305 encryption, ephemeral .onion addresses, and QR code invite sharing. Minimal star adoption (10), no tests or CI, but structured codebase with typed dependencies and functional MVP features.
blackXploit-404 /
ghostchat
Privacy-focused p2p chat app using Node.js + Socket.io. Untyped, no tests/CI, flat structure; author confirms it's a learning project. 0 stars, minimal depth—one-off tutorial prototype.
blackXploit-404 /
secure-upload-system
Experimental backend for secure file uploads with S3 presigned URLs and OTP email verification. Early-stage project with unfinished login, no tests/CI, and only 4 commits in a week. No license or production readiness.
blackXploit-404 /
vuln-pract-web-apps
Minimal vulnerability practice lab with 0 stars, 20KB total, 4 of last 30 commits in 19 days, no README/tests/CI/license/documentation. Educational stub demonstrating intentional security flaws for learning purposes.
blackXploit-404 /
blackXploit-404
Profile README scaffolding with zero source files, no code artifacts, minimal commits (3 of 30), no tests/CI/license. Pure personal branding content.
06 · Timeline
- Aug 27, 2023Joined GitHub
- Nov 17, 2024Created ghostchat — Ghost Chat is a simple p2p based with no logs , no tracking real time fast chat app.
- Dec 28, 2025Created torchat — TorChat - Secure, private, and anonymous peer-to-peer chat over the Tor network
- Jan 16, 2026Created blogify — Simple MERN stack blog app
- Jan 23, 2026Created blackXploit-404 — stuffs for profile README
- Mar 9, 2026Created vuln-pract-web-apps
- Apr 17, 2026Created secure-upload-system — A prod styled secure file uploading system
- Apr 23, 2026Most recent push to ghostchat
07 · Compare
08 · Rubric
How this score was produced
Overall = Σ (category × weight) + gentle top-end curve
Tier thresholds
▸ How the pipeline works
- 01Scrape.Pull every non-fork repo pushed in the last 90 days, plus your contribution calendar, followers, and language byte counts — straight from GitHub's REST & GraphQL APIs.
- 02Triage.A small model reads every repo's file tree + README and picks the 20 files per repo that actually reveal how you code.
- 03Grade each repo. All repos run in parallel through a fast scoring model that reads the picked files and rates each one independently on Impact, Quality, and Depth — with evidence citations.
- 04Aggregate. A larger reasoning model combines the per-repo scores with server-computed stats (heatmap, commit cadence, language entropy, follower count) to produce the 6-dimension profile score + roasts.
- 05Correct.Deterministic server-side checks enforce anchor-scale floors (e.g. a profile with 2,000+ public commits can't score 30 Consistency) and recompute the final verdict.
~90 seconds per profile, ~$0.25 in compute. Total of ~240 files read across your top-12 repos. One rating per GitHub account per day.
▸ Data sources & caveats
- Heatmap & commit totals: GitHub GraphQL
contributionsCollection— covers the last 365 days, includes private repos when the user has opted in (default). - Language %: byte totals across the top 30 owned non-fork repos.
- Curve: a small upward nudge centered on raw score ≈ 70, capping at 100. Prevents specialists from being unfairly penalised for narrow breadth.
- Anchor corrections: when server-measured signals (e.g. privateWorkLikely, multiRepoVolume, follower count) mandate a minimum category score, the aggregation step enforces it. These are signal-conditional, not identity-based floors.