Because Vouch exposes the vouch list as a plain text file (VOUCHED.td), I realized I could aggregate them across GitHub and build a reputation index. A crawler finds every VOUCHED.td file, pulls the entries, and computes a weighted score per user. Vouches from high-star repos count more than vouches from zero-star repos.
Next step is to wire up an API so that the vouch GH action can start to use this data to auto approve contributors.
For the same price, what is a reasonable score to auto-accept? If I make a small contribution to a large project, I'd automatically get a much larger score out of the gate, vs. if I contribute to a much smaller project. That would incentivize contributions to larger projects, and disincentivize contributing to smaller projects, that doesn't seem good for the ecosystem either.
I'm not sure why a more page-rank style system wasn't used. Effectively, rank users based on the diversity of the projects they're vouched in. That would avoid the problem of people being able to farm, and encourage contributions across the OS ecosystem.