README Badges

Show your Commitment Score right in your README

One line of Markdown. Live security signal from Commit — automatically updated whenever your package's risk profile changes.


Badges are served as SVG — no external tracking, no JavaScript required.


Add to your README

Copy the snippet for your package. Click the badge to open the full audit.

 
 
 

Try your package

Enter any npm or PyPI package name to preview its badge.


Score legend

● Good (70–100): Low structural risk. Multiple maintainers, active development, reasonable download exposure.

● Fair (40–69): Moderate concern. May have a sole maintainer or high downloads — worth monitoring.

● Poor (< 40): High structural risk. Significant exposure if credentials are compromised.

⚑ CRITICAL (any score): Sole maintainer + 10M+ weekly downloads. The structural profile shared by ua-parser-js (2021) and event-stream (2018) before they were compromised.
