huggingface/transformers vs threat9/routersploit
huggingface/transformers shows stronger signals overall
As of June 2026, transformers shows healthier maintenance signals than routersploit. transformers rates Healthy overall while routersploit rates Mixed. transformers was committed to today with 53+ active contributors, while routersploit last saw a commit 1 month ago with 35+ active contributors. transformers is Apache-2.0-licensed while routersploit is Other-licensed. Neither has known critical or high-severity CVEs in its dependency tree.
Informational only. RepoPilot summarises public signals at the time of analysis. Not professional, security, or legal advice.
huggingface/transformers →
Healthy across the board
Permissive license, no critical CVEs, actively maintained — safe to depend on.
Has a license, tests, and CI — clean foundation to fork and modify.
Documented and popular — useful reference codebase to read through.
No critical CVEs, sane security posture — runnable as-is.
- ✓Last commit today
- ✓53+ active contributors
- ✓Distributed ownership (top contributor 7% of recent commits)
- ✓Apache-2.0 licensed
- ✓CI configured
- ✓Tests present
Computed from maintenance signals — commit recency, contributor breadth, bus factor, license, CI, tests, cross-checked against dependency CVEs from deps.dev and OpenSSF Scorecard
threat9/routersploit →
Mixed signals — read the receipts
non-standard license (Other)
Has a license, tests, and CI — clean foundation to fork and modify.
Documented and popular — useful reference codebase to read through.
No critical CVEs, sane security posture — runnable as-is.
- ⚠Concentrated ownership — top contributor handles 54% of recent commits
- ⚠Non-standard license (Other) — review terms
- ⚠Scorecard: marked unmaintained (2/10)
- ✓Last commit 6d ago
- ✓35+ active contributors
- ✓Other licensed
- ✓CI configured
- ✓Tests present
What would improve this?
- →Use as dependency Concerns → Mixed if: clarify license terms
Computed from maintenance signals — commit recency, contributor breadth, bus factor, license, CI, tests, cross-checked against OpenSSF Scorecard
Signal-by-signal breakdown
| transformers | routersploit | |
|---|---|---|
| Stars | 161,971 | 13,109 |
| Last commit | today | 1mo ago |
| License | Apache-2.0 | Other |
| Open issues | 2,460 | 92 |
| Has tests | ✓ | ✓ |
| Has CI | ✓ | ✓ |
| Test coverage | 5% | 4% |
| Dependency CVEs | No CVEs | No CVEs |
| Architecture grade | — | — |
| Cycles | — | — |
| Bottom-line | Healthy signals | Mixed signals |
Want the full analysis? huggingface/transformers · threat9/routersploit
Ask AI about huggingface/transformers vs threat9/routersploit
Open the chat with a comparison question pre-filled.