GitHub force-push to sensitive branch

JustLend DAO's assessment for RD-F-108 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GitHub force-push/sensitive-branch push — T-09 phase-2 signal; applicable (substrate-agnostic). JustLend has public GitHub org (github.com/justlend/justlend-protocol). Last commit 2026-03-24 (data cache). No public alert of force-push or sensitive-branch compromise. GitHub monitoring not in production pipeline. Security.md absent (data cache security_md_present = false).

Sources #

GitHub
JustLend Protocol — GitHub RepositoryJustLend protocol GitHub repository — last_commit_date = 2026-03-24, security_md_present = false (data cache)retrieved 2026-05-17

Methodology #

Detect whether the repository shows a force-push or push to a sensitive branch (main, production tag) from a non-protocol account.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol justlend factor RD-F-108 score gray collected_at 2026-05-17 10:25:32