samerfarida /
mcp-ssh-orchestrator
Secure SSH access for AI agents via MCP. Execute commands across your server fleet with policy enforcement, network controls, and comprehensive audit logging.
64/100 healthLoading repository data…
psenger / repository
Audit and enforce branch protection rules across all your GitHub repositories. Generates manifests, identifies unprotected repos, and applies rulesets in bulk using the modern Rulesets API.
A transparent discovery signal based on current public GitHub metadata.
This score does not audit code, security, maintainers, documentation quality, or suitability. Verify the repository and its current documentation before adoption.
Stop worrying about unprotected repos.
Audit 100+ repositories in seconds. Apply consistent branch protection with one command. Keep your default branch safe from accidental pushes, force-pushes, and leaked CI tokens.
By default, GitHub repositories have no branch protection:
If you have dozens of repositories, manually configuring protection through the GitHub UI is tedious, inconsistent, and easy to forget.
This tool audits all your repos and applies consistent protection in bulk.
main, master, develop, etc.)--apply or --from-csv to make any changes--dry-runpublic_repo scope for public reposSelected from shared topics, language and repository description—not editorial ratings.
samerfarida /
Secure SSH access for AI agents via MCP. Execute commands across your server fleet with policy enforcement, network controls, and comprehensive audit logging.
64/100 healthparthalon025 /
Agent-driven development pipeline — Code Factory quality gates, entropy audit, lesson enforcement, and batch tooling.
23/100 health┌─────────────────────────────────────────────────────────────────┐
│ 1. AUDIT 2. REVIEW 3. APPLY │
│ │
│ Scan all repos Open CSV in Excel Apply rulesets to │
│ for existing → or any editor. → repos you marked │
│ protection Mark YES/NO. as YES. │
│ │
│ (read-only) (your decision) (writes to GitHub) │
└─────────────────────────────────────────────────────────────────┘
git clone https://github.com/psenger/github-ruleset-auditor.git
cd github-ruleset-auditor
pip install .
Option A: Using GitHub CLI (easiest)
export GITHUB_TOKEN=$(gh auth token)
Option B: Using a Personal Access Token
export GITHUB_TOKEN="ghp_xxxxxxxxxxxx"
| What you want to audit | Token scope needed |
|---|---|
| Public repos only | public_repo |
| Private or all repos | repo |
github-ruleset-auditor -u YOUR_USERNAME
Sample output:
Fetching public repositories for user: octocat...
Page 1: 23 repos (skipped 2 archived, 5 forked)
Total eligible repositories: 23
Checking ruleset status for 23 repositories...
----------------------------------------------------------------------
[1/23] octocat/hello-world (branch: main)
✗ No ruleset
[2/23] octocat/my-api (branch: main)
✓ Has ruleset: default-branch-protection (active)
...
SUMMARY
======================================================================
Total repositories scanned: 23
✓ With ruleset: 8
✗ Without ruleset: 15
Manifest saved:
CSV: ruleset_manifest_20241215_143052.csv
apply_protection column to YES or NO for each repogithub-ruleset-auditor --from-csv ruleset_manifest_*.csv --dry-run
github-ruleset-auditor --from-csv ruleset_manifest_*.csv
The default ruleset protects your default branch:
| Rule | You (owner) | Everyone Else |
|---|---|---|
| Push directly to default branch | Allowed (bypass) | Blocked |
| Merge PRs without approval | Allowed (bypass) | Blocked (needs 1 approval) |
| Force push | Allowed (bypass) | Blocked |
| Delete default branch | Allowed (bypass) | Blocked |
You keep full bypass permissions. Everyone else must follow the rules.
github-ruleset-auditor [OPTIONS]
Required (pick one):
-u, --username USER GitHub username (personal repos)
-o, --org ORG GitHub organization
-f, --from-csv FILE Apply from CSV manifest
Optional:
-v, --visibility TYPE public (default), private, or all
-r, --repo NAME Single repo only (for testing)
-a, --apply Apply rulesets without CSV review
-d, --dry-run Preview without making changes
-t, --token TOKEN GitHub token (or use GITHUB_TOKEN env var)
--output-dir DIR Where to save manifests (default: .)
--version Show version
# Audit public repos (default)
github-ruleset-auditor -u octocat
# Audit private repos only
github-ruleset-auditor -u octocat --visibility private
# Audit all repos (public + private)
github-ruleset-auditor -u octocat --visibility all
# Test on a single repo first
github-ruleset-auditor -u octocat -r my-repo --apply --dry-run
# Apply to all unprotected repos (skip CSV review)
github-ruleset-auditor -u octocat --apply
To change the number of required approvals, add status checks, or configure CODEOWNERS, see docs/CUSTOMIZATION.md.
Contributions welcome! See CONTRIBUTING.md.
See CHANGELOG.md for version history.
MIT License - see LICENSE.
xoity /
Automate firewall policy auditing and enforcement with this AI-driven Python compliance tool.
62/100 healthLakewest1 /
Production-ready AWS security automation framework built with Python and Boto3. Automates security posture assessments across IAM, CloudTrail, S3, and KMS services. Features least-privilege architecture, modular design, and JSON reporting. Reduces human error and enforces AWS security best practices programmatically.
46/100 healthrudymartinezai /
NIST SP 800-218 (SSDF) compliance automation for Kubernetes — provision, harden, enforce, and audit clusters on-premises and air-gapped environments.
34/100 healthLavanyaraju19 /
Cost optimization project using Python and Google Cloud Scheduler to automate shutdown and restart of GCE instances during off-peak hours. Combined with Terraform-based tagging and IAM enforcement, this project reduced compute costs by 40% and achieved 100% audit compliance across all environments.
34/100 health