01 · Roasts
The 23-Minute Architect
Supply-Chain-Security-Atlas was born and ghosted in a single 23-minute window. One commit, no license, no CI, zero follow-up. That's not a project, that's a git init with delusions.
Tests Are Optional (Apparently)
6 of your 9 scored repos have HAS_TESTS=no. You've got SBOM generation, sigstore signing, and cosign in aflock-tui — but no unit tests. You're securing the supply chain of software you won't even test yourself.
142 Repos, 40 Stars
142 public repos and 40 total stars. That's a 0.28 stars-per-repo ratio. You're clearly shipping — the question is whether anyone is receiving.
License? Never Heard of Her
aflock-tui, dfc-ui, and others ship without a license. You've got goreleaser + cosign + SBOM pipelines on aflock-tui but no LICENSE file. You've automated everything except the part that makes it legally usable.
220 PRs, 0 Stars on Flagship
You opened 220 PRs this year — impressive community energy — but your top project otter sits at 0 stars. You're contributing to everyone else's house while your own yard is empty.
02 · Category breakdown
- Impact (25% weight): 56, D
- Consistency (20% weight): 65, C
- Quality (20% weight): 57, D
- Depth (15% weight): 58, D
- Breadth (10% weight): 80, A
- Community (10% weight): 65, C
03 · Stats
365-day commit heatmap
232 active days
Language distribution
- Go: 39%
- JavaScript: 32%
- TypeScript: 21%
- CSS: 3%
- HTML: 2%
- MDX: 1%
- Other: 2%
04 · Numbers
- Owned repos (non-fork): 51
- Commits (last 12 months): 543
- Followers: 74
- Joined GitHub: Nov 2022
05 · Top repos
manzil-infinity180/k8s-custom-controller
Go-based Kubernetes custom controller + admission webhook for CVE scanning. Typed, documented with design.md/ARCHITECTURE.md, structured layout, CI/CD setup, but lacks unit tests and has limited adoption (3 stars).
manzil-infinity180/otter
Active SBOM/vulnerability analysis tool under development. Go + typed, comprehensive multi-backend storage (local/postgres/S3), structured API with policy engine, audit logging, and CI/CD. Early-stage with low adoption metrics.
manzil-infinity180/aflock-replay
Browser-based Claude Code policy replay tool with WASM evaluator integration. Typed frontend, CI/CD pipeline, and structured docs, but minimal adoption (0 stars) and recent launch (2 days old, 7 commits).
manzil-infinity180/dfc-ui
TypeScript/Go full-stack UI for converting Dockerfiles to Chainguard Images. Typed, documented with README, CI present, but sparse test coverage and minimal adoption (6 stars). ~6 months active development with ~21 recent commits.
manzil-infinity180/aflock-tui
Early-stage TUI for aflock session inspection with three modes (browse, replay, watch). Go+Bubbletea, typed, documented via README + ARCHITECTURE.md, HAS_CI=yes, but no tests and fresh codebase (2 days old, 14 commits) with 1 star.
manzil-infinity180/Xf-Registration_frontend
Early-stage user registration system with OAuth integration and profile management; untyped JavaScript, minimal tests/CI, and sparse commits relative to repository age since Feb 2024.
manzil-infinity180/about-me
A personal npx CLI tool that displays the author's professional profile with multiple output modes. Single-file package with clean code, README, bundled resume, and proper package.json configuration, but minimal scope and new repo (created 2026-03-15).
manzil-infinity180/Supply-Chain-Security-Atlas
Documentation site scaffold for supply chain security topics using Astro + Starlight. Created 2026-03-13, 1 commit in ~20 minutes. No license, unproven adoption (1 star), minimal commit history.
06 · Timeline
- Nov 25, 2022: Joined GitHub
- Feb 8, 2024: Created Xf-Registration_frontend — Full Stack Project
- Feb 17, 2025: Created k8s-custom-controller — Kubernetes Custom Controller + Admission Webhook for CVE Scan (In Progress)
- Aug 3, 2025: Created dfc-ui — dfc-ui(chainguard): UI to convert Dockerfiles to use Chainguard Images
- Nov 12, 2025: Created otter — otter 🦦 - An open-source SBOM & vulnerability analyzer. ( In Progress) // using ai to speed up :)
- Mar 13, 2026: Created Supply-Chain-Security-Atlas — Learning-first docs site for software supply chain security, covering aflock, witness, go-witness, rookery, in-toto ITEs, Sigstore, SPIFFE/SPIRE, Kubernetes, CI/CD pipelines, and l
- Mar 15, 2026: Created about-me — npx @rahulxf/about-me
- Apr 4, 2026: Created aflock-replay — Browser-based tool to replay Claude Code sessions against aflock policy
- Apr 4, 2026: Created aflock-tui — Terminal UI for inspecting aflock sessions — browse sessions, decode DSSE attestations & JWTs, replay Claude Code sessions against policies, live-watch agent sessions. Built with
- Apr 6, 2026: Most recent push to otter
08 · Rubric
How this score was produced
Overall = Σ (category × weight) + gentle top-end curve
Tier thresholds
How the pipeline works
- 01 Scrape. Pull every non-fork repo pushed in the last 90 days, plus your contribution calendar, followers, and language byte counts — straight from GitHub's REST & GraphQL APIs.
- 02 Triage. A small model reads every repo's file tree + README and picks the 20 files per repo that actually reveal how you code.
- 03 Grade each repo. All repos run in parallel through a fast scoring model that reads the picked files and rates each one independently on Impact, Quality, and Depth — with evidence citations.
- 04 Aggregate. A larger reasoning model combines the per-repo scores with server-computed stats (heatmap, commit cadence, language entropy, follower count) to produce the 6-dimension profile score + roasts.
- 05 Correct. Deterministic server-side checks enforce anchor-scale floors (e.g. a profile with 2,000+ public commits can't score 30 Consistency) and recompute the final verdict.
~90 seconds per profile, ~$0.25 in compute. Total of ~240 files read across your top-12 repos. One rating per GitHub account per day.
Data sources & caveats
- Heatmap & commit totals: GitHub GraphQL contributionsCollection — covers the last 365 days, includes private repos when the user has opted in (default).
- Language %: byte totals across the top 30 owned non-fork repos.
- Curve: a small upward nudge centered on raw score ≈ 70, capping at 100. Prevents specialists from being unfairly penalised for narrow breadth.
- Anchor corrections: when server-measured signals (e.g. privateWorkLikely, multiRepoVolume, follower count) mandate a minimum category score, the aggregation step enforces it. These are signal-conditional, not identity-based floors.