ohmyzsh/ohmyzsh · Security & risks
Authoritative risk signals for ohmyzsh/ohmyzsh — dependency CVEs (deps.dev), OpenSSF Scorecard, and GitHub Code Scanning. Not a substitute for your own security review.
Dependency CVEs (deps.dev)
0
Critical
0 direct
0
High
0 direct
0
Moderate
7
Deps scanned
7 direct
OpenSSF Scorecard · 8.2/10
- Packaging—
- Signed-Releases—
- Fuzzing0/10
- SAST1/10
- CII-Best-Practices2/10
- Branch-Protection6/10
- Pinned-Dependencies7/10
- Code-Review9/10
Ask AI about ohmyzsh/ohmyzsh
Grounded in the actual source code. Pick a starter question or write your own.
What does this repo do, in one paragraph?How would I get started using it?What are the main alternatives?Show me the entry point.
Or write your own question →Informational only. RepoPilot summarises public signals at the time of analysis; they can be incomplete or stale. Not professional, security, or legal advice.