RepoCheck audits GitHub repos for trust

RepoCheck reads like a practical due-diligence layer for open-source adoption, not a flashy one-off scanner. The README frames it around reproducibility, while the project site emphasizes quick trust signals like first commit date and activity, so the real pitch is helping you answer “can I trust this repo?” faster.

• –Local-first scanning keeps the workflow simple: point it at a local path, Git URL, or zip and get a structured report.
• –The rule set targets common adoption risks: unpinned dependencies, missing Python or CUDA versions, hardcoded paths, missing seeds, and config drift.
• –Smoke checks and minimal reproduction commands make it useful for researchers and for teams vetting third-party code.
• –The product is still fairly scoped to Python-first repositories, so it solves a sharp problem rather than pretending to be universal.