I like the idea, but I have difficulty putting a lot of trust in projects with AI generated descriptions.

That isn't dude not a vibe coded stuff. Its a complex architecture the src code is attached in Read Me file below do check.

github repo with only pre-compiled binaries coming from npmjs. These days anything from npmjs should already raise red flags, let alone something pre-compiled without sources.

Tbf the new trusted publishers goes a long way to improving this (not used by this package by the look of it). I migrated a few of my packages to it, and now:

- publishing with an API token is forbidden, must use the specified workflow w/ OIDC auth

- an explicit approval step in GitHub is required to run the publish workflow (you can also set a time delay, similar to time release safes)

- provenance is generated and published

Ref: https://docs.npmjs.com/trusted-publishers/

I think you can compile the rust core lib from source yourself - https://github.com/Shyam20001/brahma-core

Exactly I have attached the src link in Readme file. I'm maintaining independent sources and planning to build the same for python via maturin

Why not bypass Node.js entirely and write the service(s) directly in Rust? Am I missing anything?

Not everyone knows Rust, but JavaScript is widely known. A library that delivers Rust-level performance without requiring developers to learn anything new would likely be very popular. That being said, if you need Rust performance, it's a better idea to just learn Rust. Is not that hard.

Every one need node so who gonna migrate all those legacy code bases to some other language just to get extra perf...?

not every one do need node