GitHub force-push to sensitive branch

Across Protocol's assessment for RD-F-108 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GitHub force-push to sensitive branch | Yes | Across's primary contracts repo: https://github.com/across-protocol/contracts. No public reports of unauthorized force-push to main/production branches in the assessment window. The February 2026 audits correspond to recent main-branch changes, consistent with normal development cadence. | Force-push or unauthorized push to main/production branch | No

Sources #

URL
Across Protocol contracts GitHub (no FV config found)https://github.com/across-protocol/contractsretrieved 2026-04-26

Methodology #

Detect whether the repository shows a force-push or push to a sensitive branch (main, production tag) from a non-protocol account.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol across-protocol factor RD-F-108 score green collected_at 2026-04-30 21:19:18