ANNOUNCEMENT · June 24, 2026 · 5 min read

Threadplane Earns a Grade A for Trust

An independent tracker scored Threadplane's supply-chain trust at 82.8/100 — a Grade A, #7 of 75 agent frameworks, and the only Angular agent framework on the board. Here's the work behind the grade, and why it matters for agent frameworks specifically.

Brian Love · Founder, Threadplane

Every agent framework asks you to trust it. I'd rather you measure it.

HVTracker is an independent trust tracker for AI agent software. It just scored Threadplane at 82.8/100 — a Grade A.

In the Agent Frameworks category, that's #7 of 75. And it's the #1 — really the only — Angular agent framework on the list.

I didn't fill out a questionnaire or pay for a badge. HVTracker scores from public signals only: the GitHub API, the npm and PyPI registries, and the OpenSSF Scorecard CLI, refreshed daily. The grade is what their analysis says about us, not what we say about ourselves.

For me, that's the whole point. A trust claim you make about yourself isn't worth much.

#Who else is on the list?

This is the part I keep coming back to. Let's look at the company we're keeping.

Rank  Framework          Trust  Stars
1     Haystack           95.5   25.7k
2     Vercel AI SDK      95.1   25.1k
3     LangGraph          93.0   35.6k
6     OpenAI Agents SDK  85.8   27.4k
7     Threadplane        82.8   99
8     CrewAI             80.6   54.3k
11    LangChain          76.6   140.1k

Look at the stars column.

Threadplane ranks above CrewAI, AutoGen, and LangChain on trust — with 99 GitHub stars against their tens of thousands.

That isn't a glitch. HVTrust is weighted toward supply-chain integrity and provenance, not popularity. A package can be downloaded millions of times a week and still have thin security signals. A smaller one can have every signal in place. The grade rewards the second kind, which is the whole reason a tracker like this exists.

And I'll be just as honest about where we're weak. Our lowest signal is adoption. With 99 stars, that's the part of the profile we have the most room to grow, and it's the one place the big projects above us are genuinely ahead. I'm not going to dress that up.

#What does a Grade A actually mean?

HVTracker is careful about its own claims, and I want to be too. Right on the listing, they print this:

Not a safety endorsement. HVTracker describes what public signals show, not whether a project is safe for your use case. Run your own security review before adopting in production.

That caveat is exactly why the grade is worth anything.

It's not a sticker that says "trust us." It's a measurement across five dimensions:

  • Safety / Integrity — OSSF Scorecard, provenance, signatures.
  • Identity / Provenance — a verifiable link between the published package and the source that built it. This is our strongest signal.
  • Transparency — a declared, OSI-approved license and public checks.
  • Maintenance — commit freshness and cadence.
  • Adoption — stars and downloads.

Grade A just means the score lands in the top band (A is 80 and up). It doesn't mean anyone audited your threat model for you. It means the public evidence is strong, and you can go verify every piece of it yourself.

#Why this matters more for agent frameworks

Most software you install does one job in one place. An agent framework is different.

It runs models. It executes tool calls. It reaches for credentials and acts on behalf of your users, often with real authority over real systems.

So the blast radius of a compromised dependency underneath an agent is bigger than almost anything else in your stack. That's what makes "is this thing's supply chain in order" a real question and not a checkbox.

That's the gap the tooling exists to close. The OpenSSF Scorecard — the engine behind a big part of HVTrust — checks the parts of the chain attackers actually go after: source, build, dependencies, signing, and maintenance. As OpenSSF puts it, a lot of open source is run by small teams with limited resources, which is exactly the soft target supply-chain attacks look for. And a Sonatype analysis found a project's Scorecard score was one of the best available predictors of whether it carried known vulnerabilities.

From my experience, that's the question worth asking before you install anything an agent will run: how much of your app are you handing to code you didn't write, and can you prove where it came from?

#The work behind the grade

The grade is the output. Here's the input — the boring, unglamorous hygiene that earns it.

  • OSSF Scorecard 7.7/10 — branch protection, signed releases, dependency review, code review, run continuously.
  • MIT licensed — a declared, OSI-approved, permissive license. No ambiguity about what you can do with it.
  • 82% of recent commits cryptographically signed — so you can confirm a commit came from whoever holds the signing key, once you've checked that the key belongs to the person the commit names.
  • Verifiable provenance — a traceable line from the npm package back to the build that produced it.
  • Active maintenance — the repo was pushed to within the last day when it was scored.

None of these are exotic. Doing all of them, and keeping them done, is what moves a project from "probably fine" to "you can check."
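The commit-signing figure is the easiest of those to reproduce on your own machine, so here is a small script for it. This is an added example, not Threadplane's or HVTracker's code: it reads the signature-status column git itself reports and computes the percentage. The page doesn't say how many commits HVTracker counts as "recent" or whether it counts signatures made with a key it can't vouch for, so both are left as parameters (the window via the `-n` you pass to git, the trust question via a `strict` flag). The sample input is constructed. The other two checkable lines have their own tools and need network access, so they aren't in the script: `npm audit signatures` checks registry signatures and provenance attestations for the packages in a lockfile, and the Scorecard CLI (`scorecard --repo=github.com/<owner>/<repo>`) recomputes the Scorecard number.

```shell
#!/usr/bin/env bash
# Added example (not Threadplane's or HVTracker's code): reproduce the
# "percent of recent commits signed" signal from git's own signature status.
#
# Feed it the output of:   git log -n <N> --format='%H %G?'
# %G? codes: G good signature, U good but key not trusted locally,
#            X/Y/R good but key expired / expired at signing / revoked,
#            B bad signature, E cannot be checked (key missing, no gpg),
#            N no signature.
set -eu

# signed_ratio [strict] < "<sha> <code>" lines
# Prints "<signed> <total> <percent>".
#   strict=0 (default): G and U count as signed (signature valid, trust unknown)
#   strict=1          : only G counts (key verified and trusted in your keyring)
# E is deliberately not counted: a commit you could not check is not evidence.
signed_ratio() {
  strict="${1:-0}"; signed=0; total=0
  while read -r sha code; do
    [ -n "${sha:-}" ] || continue      # skip blank lines
    total=$((total + 1))
    case "${code:-}" in
      G) signed=$((signed + 1)) ;;
      U) [ "$strict" = 1 ] || signed=$((signed + 1)) ;;
    esac
  done
  if [ "$total" -eq 0 ]; then
    echo "0 0 0"
    return 0
  fi
  echo "$signed $total $((signed * 100 / total))"
}

# Constructed sample, standing in for `git log -n 5 --format='%H %G?'`
# on a repository where two commits are signed with a trusted key, one with
# an unknown key, one has a bad signature and one is unsigned.
SAMPLE='0a1b2c G
3d4e5f N
6a7b8c U
9d0e1f G
2a3b4c B'

printf '%s\n' "$SAMPLE" | signed_ratio        # 3 5 60
printf '%s\n' "$SAMPLE" | signed_ratio 1      # 2 5 40

# On a real checkout (import the project's public keys first, or set
# gpg.ssh.allowedSignersFile for SSH-signed commits; otherwise every signed
# commit shows E and the figure is meaningless):
#   git log -n 100 --format='%H %G?' | signed_ratio
```

Two things to keep in mind when you run this against a real repository. First, git only reports G when the signing key is in your keyring and trusted, which is a stronger statement than a "Verified" badge on a hosting site; the badge says the key is registered to some account, the local check says you decided to trust that key. Second, the number moves with the window: a project that started signing commits last month can show 100% over 20 commits and far less over 200, so pick the window you actually care about rather than the one that flatters.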

#Open by default

Threadplane is MIT-licensed open source. The framework — the LangGraph and AG-UI adapters, the generative-UI runtime, the protocol types — is free, and it stays free.

One library, @threadplane/chat, carries a commercial license. That's the single piece that funds keeping everything else open and maintained.

For me, that's the honest version of sustainable open source. The trust signals above aren't marketing paint on a closed product. They're what I hold the whole codebase to, and almost all of that codebase is MIT and sitting right there for you to read.

#Don't take my word for it

The full breakdown — every dimension, the Scorecard checks, and the raw JSON — is public on the Threadplane HVTracker listing. Take their word, then go verify it.

#Conclusion

A trust grade is a starting point, not a finish line. The real way to evaluate a framework is to build something with it.

So if you're curious: read the listing and the Agent Frameworks leaderboard, browse the source on GitHub (almost all of it is open), and ship your first streaming agent UI with the quickstart.

We'll keep the signals fresh, keep the framework open, and keep working on the one number I'm not proud of yet. The rest, you can verify. 💚