GitHub force-push to sensitive branch

BENQI's assessment for RD-F-108 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GitHub force-push signal applicable: public repo github.com/Benqi-fi/BENQI-Smart-Contracts exists. However, repo last commit is 2023-01-11 — stale state. Active development may have moved to private repos, making this signal blind to most current codebase changes. No force-push or anomalous push observed in public repo. Signal is production pipeline signal not yet implemented; GitHub monitor not implemented. The repo staleness itself is a code-security concern (F139) assessed by code-security-analyst, not a live signal finding.

Sources #

GitHub
BENQI public GitHub repo — last commit 2023-01-11https://github.com/Benqi-fi/BENQI-Smart-Contractsretrieved 2026-05-16

Methodology #

Detect whether the repository shows a force-push or push to a sensitive branch (main, production tag) from a non-protocol account.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol benqi factor RD-F-108 score gray collected_at 2026-05-16 11:02:12