MCP.so
Sign In
Servers
F

Fake Star Audit

@Armada735

Audits a GitHub repository's stargazers for signs of fake-star injection across five deterministic axes (burst, suffix-farm, sequential-id cluster, same-second cluster, inter-star gap regularity) over two windows (oldest 100 + newest 30), plus extended signals. Returns LOW / MEDI

Overview

What is Fake Star Audit?

A transparent, zero-dependency GitHub fake-star checker. It inspects a repository’s stargazer history via the anonymous GitHub API and returns a LOW / MEDIUM / HIGH risk verdict with every rule explained. Designed for investors, engineers, recruiters, and AI agents who need a fast, accountable gut-check on star count believability.

How to use Fake Star Audit?

The tool can be invoked as a standalone CLI (python3 audit.py --repo owner/repo), installed from PyPI (pip install fake-star-audit) and run as fake-star-audit-cli, or used as a Claude Code skill. Its optional MCP server exposes the audit_repo tool over stdio; register it in your MCP client (e.g., Claude Desktop’s config) with uvx fake-star-audit or a local path to mcp_server.py.

Key features of Fake Star Audit

  • Zero dependencies – pure Python standard library
  • No token, no account – uses anonymous GitHub API
  • One-file portable audit.py – just copy and run
  • AI-native – works as a Claude Code skill
  • Transparent verdicts – every flag shows its evidence
  • Conservative heuristics – minimises false accusations

Use cases of Fake Star Audit

  • Due diligence for investors evaluating startup repositories
  • Quick trust check for engineers choosing open-source dependencies
  • Resume and portfolio verification for recruiters
  • Automated repository assessment by LLM agents

FAQ from Fake Star Audit

What risks does it detect?

It flags 5 axes – burst injection, farm suffixes, sequential account IDs, same-second clusters, and machine-regular gaps – plus extended hard signals like fork-star inversion or single-repo mass injection. A deterministic rule combines them into a LOW / MEDIUM / HIGH verdict.

How does it compare to other fake-star tools?

Unlike at-scale research tools (StarScout, Dagster) or install-heavy suites (StarGuard, Astronomer), this tool is the smallest and most portable: no dependencies, no token, instant forensic check of a single repo’s first and latest stargazer windows.

Does it require a GitHub token or any environment variables?

No. It uses the anonymous GitHub API only and never reads a GITHUB_TOKEN or any environment variable.

What are its limitations?

It samples only the oldest ~100 and newest 30 stargazers (not the full history), skips the bootstrap window for repos older than ~90 days, is subject to the anonymous 60‑request/hour rate limit, and is heuristic – not proof of fakery.

How do I connect it to my MCP client?

For Claude Desktop, add to claude_desktop_config.json: command "uvx" with args ["fake-star-audit"]. Or from a local checkout, command "python3" with args pointing to mcp_server.py. The server runs over stdio.

Tags

More from Version Control