tako-research/takovmNew scan
99/ 100 · A

Well engineered for its size. A portfolio piece worth showing off.

A secure file system for your agents to execute code

Python66 starsApache-2.0updated today

Outstanding work. A score of 99/100 puts this repo in a very small tier of truly well-engineered open source projects.

DocumentationREADME, setup, examples, license
97
EngineeringTests, CI, linting, lockfiles
100
Project healthDescription, activity, stars, deps
100

What to fix first

The highest-impact improvements for this repo.

  1. 1
    CI/CD
    EngineeringInfo

    Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.

  2. 2
    Install and run instructions
    DocumentationIssue

    Add a .env.example listing all required environment variables so contributors know what to set up.

Detailed breakdown

Documentation

97
  • README100
    • README is present.
    • README is well structured with multiple sections.
    • README includes screenshots or visuals. Great for first impressions.
    • README has code examples.
    • README links to a live demo or deployed app.
    • README includes status badges.
  • Install and run instructions90
    • README documents how to install the project.
    • README documents how to run the project.
    • No .env.example found (−10 pts).Add a .env.example listing all required environment variables so contributors know what to set up.
  • License100
    • Licensed under Apache-2.0.
  • Contributing guide100
    • Contributing guide is detailed and thorough.
    • Contributing guide includes setup/install instructions.
    • Contributing guide describes code style expectations.
    • Contributing guide explains how to run tests.
    • Contributing guide describes the PR/review workflow.
    • Contributing guide includes code examples.
    • Code of conduct present.

Engineering

100
  • Tests100
    • Test files detected (tests).
    • Pytest is fully configured in pyproject.toml with testpaths and test files detected.
  • CI/CD100

    Not applicable?

    • CI is configured (.github/workflows/lint.yml).
    • CI workflow runs tests.
    • CI runs on pull requests, not just on pushes to main.
    • CI workflow runs a lint or format check.
    • Optional: add type checking to CI.Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.
    • CI reports or uploads test coverage.
    • CI tests across multiple environments or versions.
  • Linting and formatting100
    • Linter or formatter configured ([tool.ruff] / [tool.black] in pyproject.toml).
  • Reproducibility100
    • Lockfile present (uv.lock). Installs are reproducible.
    • Environment pinned via docker-compose.yaml.
    • Dependabot covers 3 ecosystems (docker, pip, github-actions). Dependencies stay current.
  • Issue and PR templates100
    • Issue or PR templates present.
    • Security policy present.

Project health

100
  • Dependency manifest100
    • Dependency manifest found (pyproject.toml).
    • pyproject.toml has a [project] table with package metadata.
    • pyproject.toml includes a description.
    • pyproject.toml specifies requires-python, preventing installs on incompatible versions.
    • pyproject.toml has a [build-system] table. The package can be built and published.
  • Repository metadata100
    • Repository has a description.
    • Primary language detected: Python.
    • pyproject.toml [project] metadata is complete (description, authors, urls).
  • Activity100
    • Actively maintained (pushed within the last month).
    • 66 stars so far.
  • Housekeeping100
    • .gitignore present.

Repository health signals

Activity, community, and responsiveness at scan time

Activity

  • Commits (30d / 90d)
  • 10
    Forks
  • 2
    Releaseslatest today

Community

  • Community health
  • authors own >50% of commits
  • 66
    Watchers

Responsiveness

  • 109d 1h
    Median issue response
  • <1h
    Median PR merge time
  • 19
    Open issues
Repository files26 root entries
  • .claude
  • .github
    Good: CI is configured (.github/workflows/lint.yml).
    Good: Dependabot covers 3 ecosystems (docker, pip, github-actions). Dependencies stay current.
    Good: Issue or PR templates present.
  • assets
  • docker
  • docs
  • overrides
  • tako_vm
  • tests
    Good: Test files detected (tests).
  • .gitignore
    Good: .gitignore present.
  • .pre-commit-config.yaml
  • CHANGELOG.md
  • CLAUDE.md
  • CODE_OF_CONDUCT.md
    Good: Code of conduct present.
  • CONTRIBUTING.md
    Good: Contributing guide is detailed and thorough.
    Good: Contributing guide includes setup/install instructions.
    Good: Contributing guide describes code style expectations.
    Good: Contributing guide explains how to run tests.
    Good: Contributing guide describes the PR/review workflow.
    Good: Contributing guide includes code examples.
  • demo.sh
  • docker-compose.yaml
    Good: Environment pinned via docker-compose.yaml.
  • LICENSE
    Good: Licensed under Apache-2.0.
  • lima-gvisor.yaml
  • mkdocs.yml
  • NOTICE
  • pyproject.toml
    Good: Dependency manifest found (pyproject.toml).
  • README.ja.md
    Good: README is present.
    Good: README is well structured with multiple sections.
    Good: README includes screenshots or visuals. Great for first impressions.
    Good: README has code examples.
    Good: README links to a live demo or deployed app.
    Good: README includes status badges.
    Good: README documents how to install the project.
    Good: README documents how to run the project.
  • README.md
  • SECURITY.md
    Good: Security policy present.
  • tako_vm.yaml.example
  • uv.lock
    Good: Lockfile present (uv.lock). Installs are reproducible.