Methodology · Updated June 11, 2026
Workflow Trust Review Methodology
Workflow Trust reviews public GitHub repositories as discovery resources. A listing means the repository has visible source evidence and review notes; it does not mean the workflow is certified safe or ready for production use.
Review criteria
- Source availability: the GitHub repository and relevant workflow files are visible.
- License clarity: the repository has a known license or is clearly marked as unclear.
- Maintenance: recent activity is noted so readers can judge staleness.
- Compatibility: agent/runtime labels are based on visible artifacts, not marketing claims alone.
- Risk notes: credentials, external writes, shell access, browser automation, and approval needs are surfaced.
Score meaning
Trust scores summarize review confidence across source, license, maintenance, artifact evidence, and risk clarity. They are comparison aids, not security certifications. Readers should still inspect the source repository and run workflows in a controlled environment.
Source and correction policy
Listings link back to public GitHub repositories whenever possible. Repository owners can request corrections, updated source links, takedown review, or license clarification through the contact page.