June 30, 2026 · auto-generated from 39 daily snapshots
Q2 2026 across 319 tracked agents: 278 new listings, MCP-implemented servers 66 → 104, build provenance 15 → 48, from 39 daily registry snapshots.
Read report →
July 12, 2026 · auto-generated from registry snapshots
Week 28: 6 trust-score gains, 4 declines, 33 new listings, 0 provenance and 0 MCP additions across 348 tracked agents.
Read snapshot →
July 5, 2026 · auto-generated from registry snapshots
Week 27: 20 trust-score gains, 91 declines, 2 new listings, 1 provenance and 1 MCP additions across 319 tracked agents.
Read snapshot →
June 28, 2026 · auto-generated from registry snapshots
Week 26: 60 trust-score gains, 1 declines, 17 new listings, 0 provenance and 1 MCP additions across 317 tracked agents.
Read snapshot →
June 21, 2026 · auto-generated from registry snapshots
Week 25: 24 trust-score gains, 18 declines, 78 new listings, 0 provenance and 1 MCP additions across 300 tracked agents.
Read snapshot →
June 14, 2026 · auto-generated from registry snapshots
Week 24: 18 trust-score gains, 6 declines, 27 new listings, 1 provenance and 3 MCP additions across 223 tracked agents.
Read snapshot →
June 7, 2026 · auto-generated from registry snapshots
Week 23: 40 trust-score gains, 4 declines, 29 new listings, 6 provenance and 98 MCP additions across 204 tracked agents.
Read snapshot →
May 31, 2026 · auto-generated from registry snapshots
Week 22: 79 trust-score gains, 0 declines, 113 new listings, 1 provenance and 0 MCP additions across 192 tracked agents.
Read snapshot →
July 6, 2026 · 5 min read
We found and fixed a build-loop bug that let the bounded runtime adjustment compound across builds and inflate scores. Here's what happened, the v4.2 fix that de-inflated the board, and a new evidence-coverage grade that keeps thin evidence visible next to every number.
Read article →
June 23, 2026 · 4 min read
Verify checks one project deep. Scan runs the same trust engine over your whole requirements.txt, package.json, or MCP config — a verdict for every agent, framework, and server in one pass, plus your stack's average HVTrust.
Read article →
June 21, 2026 · 5 min read
Our public trust registry is now an MCP server. Point any MCP client at hvtracker.net/mcp and your agent can verify any server, package, or agent before it connects — three read-only tools, no auth, open verdict.
Read article →
June 21, 2026 · 8 min read
We graded 272 open-source AI agents on supply-chain trust. Only 13% earn an A; 43% land at D. 17% publish provenance, the median OSSF Scorecard is 5.3/10. The full state of the ecosystem.
Read article →
June 21, 2026 · 6 min read
45% of the agents we track now implement or declare an MCP server — and 76% of them ship no build provenance. As MCP tool-poisoning becomes the top 2026 attack, here's who you can verify.
Read article →
June 21, 2026 · 6 min read
The 2026 TrapDoor campaign weaponized three registries at once and planted hidden instructions in CLAUDE.md. Build provenance detects exactly this — and 83% of AI agents don't publish it.
Read article →
June 5, 2026 · 5 min read
HVTracker v3.2 adds public runtime-trust discovery and an experimental score lab. See how the current top 10 would move under the first calibration.
Read article →
June 2, 2026 · 6 min read
122 million weekly downloads, zero proof the package matches the source code. 83% of AI agents ship without build provenance. Here's what sits in the gap.
Read article →
May 27, 2026 · 6 min read
GitHub stars measure popularity, not trustworthiness. Here are the evidence-based signals that actually help evaluate whether an open-source AI agent is safe to adopt.
Read article →
May 30, 2026 · 5 min read
375k stars, 184k stars, 167k stars — and zero build provenance. We checked the 10 most-starred AI agents. Eight ship without any package attestation.
Read article →
June 1, 2026 · 5 min read
Claude Code has more stars. Codex ranks dramatically higher on HVTracker. The gap comes from provenance, signed commits, and public verifiability.
Read article →
May 30, 2026 · 6 min read
opencode (167k stars) ranks #127. GPT Pilot has 1% signed commits. Only one coding agent cracks the global top 10.
Read article →
May 30, 2026 · 7 min read
LangGraph #1, AutoGPT #39, LlamaIndex #126, smolagents #138. Stars don't tell this story — provenance, scorecards, and signed commits do.
Read article →
July 6, 2026 · 4 min read · Coding Agents
Codex and Qwen Code lead coding agents. Compare HVTrust 93.2 vs 90.8, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Agent Frameworks
Vercel AI SDK and Haystack lead agent frameworks. Compare HVTrust 95.5 vs 94.2, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Workflow Platforms
n8n and Trigger.dev lead workflow platforms. Compare HVTrust 91.3 vs 90.5, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Browser & Computer Use
Stagehand and Agent Browser lead browser & computer use. Compare HVTrust 88.8 vs 85.3, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Memory & Knowledge
LanceDB and Mem0 lead memory & knowledge. Compare HVTrust 86.8 vs 86.1, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Research & Data
Docling and WrenAI lead research & data. Compare HVTrust 86.7 vs 85.9, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Observability & Evaluation
MLflow and Weights & Biases Weave lead observability & evaluation. Compare HVTrust 88.3 vs 86.5, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Security & Guardrails
Guardrails AI and NeMo Guardrails lead security & guardrails. Compare HVTrust 82.8 vs 71.2, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Protocols & Tool Integration
A2A / Agent2Agent Protocol and CLI-Anything lead protocols & tool integration. Compare HVTrust 88.6 vs 78.6, evidence grades, safety signals, and maintenance.
Read comparison →
July 12, 2026 · 4 min read · MCP Servers
Codebase Memory MCP and Playwright MCP lead mcp servers. Compare HVTrust 90.4 vs 89.5, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Voice & Conversational
LiveKit Agents and Pipecat lead voice & conversational. Compare HVTrust 87.9 vs 83.2, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Sandboxes & Runtimes
E2B and BoxLite lead sandboxes & runtimes. Compare HVTrust 76.8 vs 74.7, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Robotics & Embodied
LeRobot and Habitat-Lab lead robotics & embodied. Compare HVTrust 87.7 vs 48.9, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · LLM Gateways & Infra
Bifrost and Headroom lead llm gateways & infra. Compare HVTrust 88.1 vs 87.3, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Multi-Agent Systems
AIPass and Solace Agent Mesh lead multi-agent systems. Compare HVTrust 82.0 vs 78.7, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · UI & App Builders
Neo and OpenUI lead ui & app builders. Compare HVTrust 85.6 vs 85.4, evidence grades, safety signals, and maintenance.
Read comparison →
July 6, 2026 · 4 min read · Needs review
Eve and Obsidian Second Brain lead needs review. Compare HVTrust 62.1 vs 59.7, evidence grades, safety signals, and maintenance.
Read comparison →