RRepoGEO

REPOGEO REPORT · LITE

trailofbits/buttercup

Default branch main · commit 73bb479a · scanned 5/21/2026, 5:07:15 PM

GitHub: 1,587 stars · 178 forks

Scan history for this repo

Score trend below includes all ready runs (older left, newer right; scroll horizontally if needed). The table is collapsed by default—expand for newest-first rows, 10 per page.

Score trend (left → right: older → newer)

2 ready scans. Expand the table below for newest-first rows (10 per page, paginated).

AI VISIBILITY SCORE
35 /100
Critical
Category recall
0 / 2
Not recommended in any query
Rule findings
1 pass · 1 warn · 0 fail
Objective metadata checks
AI knows your name
3 / 3
Direct prompts that named your repo
HOW TO READ THIS REPORT

Action plan is what to do next — copy-pasteable changes prioritized by impact. Category visibility is the real GEO test: when a user asks an AI a brand-free question that should surface trailofbits/buttercup, does the AI actually recommend you — or your competitors? Objective checks verify the metadata signals AI engines weight first. Self-mention check detects whether AI even knows you exist by name.

Action plan — copy-paste fixes

3 prioritized changes generated by gemini-2.5-flash. Mark items done after you ship the fix.

OVERALL DIRECTION
  • hightopics#1
    Add specific topics to improve categorization

    Why:

    COPY-PASTE FIX
    vulnerability-management, fuzzing, ai-security, automated-patching, cyber-reasoning-system, darpa-aixcc, software-security, open-source-security
  • highreadme#2
    Reposition core function in README's first sentence

    Why:

    CURRENT
    Buttercup is a Cyber Reasoning System (CRS) developed by Trail of Bits for the DARPA AIxCC (AI Cyber Challenge). Buttercup finds and patches software vulnerabilities in open-source code repositories like example-libpng.
    COPY-PASTE FIX
    Buttercup is an AI-powered Cyber Reasoning System (CRS) developed by Trail of Bits for the DARPA AIxCC (AI Cyber Challenge) that automatically finds and patches software vulnerabilities in open-source code repositories.
  • mediumhomepage#3
    Add project homepage URL

    Why:

    COPY-PASTE FIX
    [Insert the official project homepage URL here, e.g., a dedicated project page or the Trail of Bits website if no specific project page exists]

Category GEO backends resolved for this scan: google/gemini-2.5-flash, deepseek/deepseek-v4-flash

Category visibility — the real GEO test

Brand-free queries asked to google/gemini-2.5-flash. Did AI recommend you, or someone else?

Same questions for every model — switch tabs to compare answers and rankings.

Recall
0 / 2
0% of queries surface trailofbits/buttercup
Avg rank
Lower is better. #1 = top recommendation.
Share of voice
0%
Of all named tools, what % are you?
Top rival
Mayhem (Forallsecure)
Recommended in 1 of 2 queries
COMPETITOR LEADERBOARD
  1. Mayhem (Forallsecure) · recommended 1×
  2. google/oss-fuzz · recommended 1×
  3. Fuzzbuzz · recommended 1×
  4. AFLplusplus/AFLplusplus · recommended 1×
  5. LibFuzzer (LLVM project) · recommended 1×
  • CATEGORY QUERY
    What AI-powered tools exist for discovering security vulnerabilities through advanced fuzzing?
    you: not recommended
    AI recommended (in order):
    1. Mayhem (Forallsecure)
    2. OSS-Fuzz (Google) (google/oss-fuzz)
    3. Fuzzbuzz
    4. AFL++ (American Fuzzy Lop ++) (AFLplusplus/AFLplusplus)
    5. LibFuzzer (LLVM project)
    6. Syzkaller (Google) (google/syzkaller)

    AI recommended 6 alternatives but never named trailofbits/buttercup. This is the gap to close.

    Show full AI answer
  • CATEGORY QUERY
    How can I automatically generate and apply security patches for identified software flaws?
    you: not recommended
    AI recommended (in order):
    1. Snyk
    2. Dependabot
    3. Renovate Bot (renovatebot/renovate)
    4. OWASP Dependency-Check (jeremylong/DependencyCheck)
    5. Greenkeeper
    6. JFrog Xray
    7. WhiteSource Renovate

    AI recommended 7 alternatives but never named trailofbits/buttercup. This is the gap to close.

    Show full AI answer

Objective checks

Rule-based audits of metadata signals AI engines weight most.

  • Metadata completeness
    warn

    Suggestion:

  • README presence
    pass

Self-mention check

Does AI even know your repo exists when asked about it directly?

  • Compared to common alternatives in this category, what is the core differentiator of trailofbits/buttercup?
    pass
    AI named trailofbits/buttercup explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • If a team adopts trailofbits/buttercup in production, what risks or prerequisites should they evaluate first?
    pass
    AI named trailofbits/buttercup explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • In one sentence, what problem does the repo trailofbits/buttercup solve, and who is the primary audience?
    pass
    AI named trailofbits/buttercup explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

Embed your GEO score

Drop this badge into the README of trailofbits/buttercup. It auto-updates whenever the report is rescanned and links back to the latest report — easy public proof that you care about AI discoverability.

RepoGEO badge previewLive preview
MARKDOWN (README)
[![RepoGEO](https://repogeo.com/badge/trailofbits/buttercup.svg)](https://repogeo.com/en/r/trailofbits/buttercup)
HTML
<a href="https://repogeo.com/en/r/trailofbits/buttercup"><img src="https://repogeo.com/badge/trailofbits/buttercup.svg" alt="RepoGEO" /></a>
Pro

Subscribe to Pro for deep diagnoses

trailofbits/buttercup — Lite scans stay free; this card itemizes Pro deep limits vs Lite.

  • Deep reports10 / month
  • Brand-free category queries5 vs 2 in Lite
  • Prioritized action items8 vs 3 in Lite
trailofbits/buttercup — RepoGEO report