Reposentry helps you decide whether to trust open-source code before you clone it, add it as a dependency, or run it. It combines fast, exhaustive checks across every file with an agentic AI review that can open and reason about the exact files that matter, so you get a clear verdict, severities, and file-level evidence, not arbitrary scores you can't quantify.

Wafaa.io — Turn scattered DMs into contracts you can control and prove.

Turn scattered DMs into contracts you can control and prove.

When exploring open-source projects I was interested in, I ran into a recurring issue: I couldn't verify exactly what the software was doing, what permissions it had, and the nuances in its code which I may want to know about before running it on my personal devices.

So I created Reposentry, with the goal of unmasking the true intentions behind the code in repositories across different platforms, whether it's on Github, Gitlab, Codeberg, or others it supports.

All you have to do is paste the repository URL, and Reposentry will scan the codebase for the permissions it has, analyzes its capabilities, and outputs it all neatly to the user within a minute.

It's not perfect yet, but if there is demand I will certainly be improving it further. Interested to see if the tool is useful for anyone else!