Stacklok Insight concepts

Explore this section to learn about the key concepts that Stacklok Insight uses to assess the health and risks associated with open source packages.

🗃️ Security signals

Security indicators that open source consumers should consider

📄️ Activity health

Project activity as an indicator of project health and sustainability

📄️ Vulnerabilities

Identify known vulnerabilities in open source packages

📄️ Malicious packages

Avoid malicious code and malware in package registries

📄️ Transitive dependencies

Insight into the full dependency tree of a package

📄️ License information

Understand the legal implications of using a package