Query verified behavioral commitment data for a domain. Returns aggregated signals: unique verified visitors, repeat visit rate, and average time spent. These prove real human engagement — harder to fake than reviews or content.

Search for a Norwegian business and get its commitment profile from public data (Brønnøysund Register Centre). Returns real commitment signals that can't be faked:

• Temporal commitment: how long the business has operated

• Financial commitment: revenue, profitability, equity health

• Operational commitment: employee count, active status

• Overall commitment score (0-100)

Data source: Norwegian government registers (Brreg). No user-contributed data needed — immediate trust verification for any Norwegian business.

Look up a specific Norwegian business by organization number and get its commitment profile from public data (Brønnøysund Register Centre). Returns real commitment signals: longevity, financial health, operational activity, and overall commitment score.

Get a behavioral commitment profile for any public GitHub repository. Returns real signals: how long the project has existed, recent commit frequency, contributor community size, release cadence, and social proof. These are behavioral commitments — harder to fake than README claims.

Useful for: vetting open-source dependencies, evaluating AI tools/frameworks, assessing vendor reliability. Examples: "vercel/next.js", "facebook/react", "https://github.com/piiiico/proof-of-commitment"

Get a behavioral commitment profile for any npm package. Returns real signals: package age, download volume and trend (growing/stable/declining), release consistency, npm publisher count, GitHub contributor count, and linked GitHub activity.

Supply chain attacks target packages with low publisher depth (few people with npm publish access). Behavioral signals reveal what download counts hide.

Useful for: vetting dependencies, identifying abandonware, due diligence on open-source packages. Examples: "langchain", "@anthropic-ai/sdk", "express", "litellm"

Get a behavioral commitment profile for any PyPI (Python) package. Returns real signals: package age, download volume and trend, release consistency, publisher/owner count, and linked GitHub activity.

Supply chain attacks target Python packages — LiteLLM (97M downloads/mo) was compromised via stolen PyPI token in March 2026. Behavioral signals reveal what star counts hide.

Useful for: vetting Python dependencies, identifying abandonware, supply chain risk due diligence. Examples: "langchain", "litellm", "openai", "anthropic", "requests", "fastapi", "pydantic"

Batch-score multiple npm or PyPI packages for supply chain risk. Takes a list of package names and returns a risk table sorted by commitment score (lowest = highest risk first).

Risk flags:

• CRITICAL: single npm publisher + >10M weekly downloads (publish-access concentration risk)

• HIGH: new package (<1yr) + high downloads (unproven, rapid adoption = supply chain risk)

• WARN: no release in 12+ months (potential abandonware)

Perfect for auditing a full package.json or requirements.txt — paste your dependency list and get a prioritized risk report.

Examples: score all deps in a project, compare two similar packages, identify abandonware before it becomes a CVE.