Git clone and HTTP and Hub API limits

I’m a security researcher analyzing OSS Supply Chain, extending my work to include HuggingFace, similar to what I do with NPM, RubyGems, and other registries. I use shallow git clones and the models API for metadata but have hit 429 errors, which I didn’t expect for public APIs and the git clone. I couldn’t find documentation on these limits. I know about Inference API limits, but did not encounter 429 in the mentioned APIs.

Could you point me to resources or guidelines on rate limits for the models API to continue my research without overloading your services?