Audience: maintainers. This page captures the repository's GitHub "storefront" — the About panel, README trust signals, the demo image, and the community-health surface — plus how to keep them fresh. None of this changes the merge bar; it is presentation only.
Set in Settings or the gear icon next to About on the repo home. Keep it to a single sentence so it reads well in search results and the sidebar:
Evergreen OSS reference for zero-trust AI agent governance — Cedar policy gates, Ed25519 receipts, and a runnable admin console demo. Not a production-hardened security product.
- Website:
https://github.com/SafetyMP/FidusGate#demo(or a future hosted demo URL). - Topics:
ai-agents,agent-security,zero-trust,cedar,mcp,devsecops,reference-architecture,open-source,typescript,react,nodejs,docker,supply-chain-security.
The badge row lives near the top of README.md:
- Docker Publish —
.github/workflows/docker-publish.yml(GHCR images for gateway + dashboard). - Release — latest GitHub Release via shields.io.
- OpenSSF Scorecard —
.github/workflows/scorecard.yml; badge populates after the first published run onmain. - License — Apache 2.0.
If a workflow file is renamed, update the matching badge URL and its link target.
The README hero references docs/assets/demo.gif — a cycling GIF (2s per frame) across the admin dashboard tabs: ledger, compliance, Cedar simulator, and sandbox. All frames use synthetic demo data (no production credentials).
npm ci && npm run bootstrap- Start the stack:
npm run dev(gateway on:3001, dashboard on:3000) - In another terminal:
npm run screenshots(writes PNGs +docs/assets/demo.gif)
Optional: SCREENSHOT_BASE_URL=http://localhost:3000 npm run screenshots for a non-default host.
Rebuild the GIF from committed PNGs without a browser:
npm run screenshots:rebuild-gifRe-capture when the admin console layout changes materially so the storefront does not drift from the product.
- Source asset:
docs/assets/social-preview.svg(1280×640). - Render to PNG (any SVG renderer) or reuse a frame from
docs/assets/demo.gif. - Upload: Settings → General → Social preview on the GitHub repo.
- Verify: paste the repo URL into Slack/LinkedIn and confirm the custom card renders.
Target 100% on Insights → Community Standards: README, LICENSE, CONTRIBUTING, CODE_OF_CONDUCT, SECURITY, issue templates, and a PR template. Issue templates live under .github/ISSUE_TEMPLATE/. GitHub Discussions is intentionally not enabled; open-ended questions route through the documentation issue template (see .github/ISSUE_TEMPLATE/config.yml).
- OpenSSF Best Practices badge — enroll at bestpractices.dev after community files and CI are stable on
main(complements Scorecard). - CodeQL workflow — add dedicated SAST workflow if org Advanced Security is enabled.
Related: github-branch-protection.md for optional required checks after Scorecard's first run.