repometascore (aka repository metadata scoring) analyzes metadata of the given repository, collects info about its contributors, and outputs the risk level.
Why do you think that https://github.com/ochronasec/ochrona-cli is a good alternative to repometascore