ASMRManager

v2.9.4 suspicious
5.0
Medium Risk

download, manage and play the voices on asmr.one

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package uses shell commands which, while possibly legitimate, are not well-documented, raising some concern about its usage and potential risks. Additionally, there's evidence suggesting the maintainer might be less active, adding to the uncertainty.

  • Shell risk due to subprocess execution
  • Potential inactive maintainer
Per-check LLM notes
  • Network: No network calls detected, which is normal for most packages.
  • Shell: The use of shell commands and subprocess execution may be legitimate for file management but could indicate potential risks if not properly documented and used cautiously.
  • Metadata: Low risk, but potential low effort and inactive maintainer raises minor concerns.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • NCY_LIMIT"): creq, crps = eval(env_concurrency_limit) assert isinstance(creq, int) and
  • in (0, 1) res = eval( tag_strategy, {
Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • tform == "win32": subprocess.Popen(["explorer.exe", path], start_new_session=True) elif
  • rtswith("linux"): subprocess.Popen(["xdg-open", path], start_new_session=True) else:
  • .editor} "{temp_file_path}"', shell=True) # db_path = temp_file_path.with_name('data.db') #
  • pd.conf'} {cmd}", shell=True, capture_output=True, text=True,
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository slqy123/ASMRManager appears legitimate

Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ASMRManager 
Build a simple Python application using the ASMRManager package to demonstrate its core features.