Best Open-Source Needs review: Supervision vs Engram
A data-backed comparison of the top two needs review on HVTracker, built from public trust signals rather than stars alone.
Short answer: Supervision currently leads Engram on HVTracker's evidence-weighted trust score: 24.4 vs 24.1/100. This is not a popularity ranking; it combines supply-chain safety, identity/provenance, transparency, maintenance, and adoption signals.
Supervision
We write your reusable computer vision tools. 💜
Engram
Persistent memory system for AI coding agents. Agent-agnostic Go binary with SQLite + FTS5, MCP server, HTTP API, CLI, a
Supervision vs Engram: trust signal breakdown
Both projects are tracked in the Needs review category, but they do not expose the same evidence. The table below compares the public signals that feed HVTrust.
| Signal | Supervision | Engram |
|---|---|---|
| HVTrust score | 24.4 | 24.1 |
| Safety / Integrity | 0.0/30 | 3.0/30 |
| Identity / Provenance | 10.8/20 | 10.8/20 |
| Transparency | 8.5/20 | 8.5/20 |
| Maintenance | 18.4/20 | 17.3/20 |
| Adoption | 11.1/10 | 8.7/10 |
| OSSF Scorecard | Unavailable | Unavailable |
| Signed commits | Unknown | 60% |
| Package provenance | Not detected | Not detected |
Which one should you evaluate first?
If your priority is the most verifiable trust profile today, start with Supervision. It has the stronger current HVTrust score and ranks higher in Needs review. If your use case depends on a specific runtime, language, license, or integration model, use the individual profiles rather than the headline score alone.
For production use, the practical checklist is: inspect the security policy, confirm package provenance or release signing where available, review recent maintenance cadence, and compare the exact trust breakdown. HVTracker is meant to reduce the first-pass research burden, not replace your own risk review.