Asteroidpy

v1.3.2 suspicious
5.0
Medium Risk

A tool for asteroid observation scheduling and analysis

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to its network activity, which requires further scrutiny to ensure legitimacy. Additionally, the missing author information and potential inactivity of the maintainer raise concerns about its trustworthiness.

  • Network risk due to external calls
  • Missing maintainer information
Per-check LLM notes
  • Network: The package makes external network calls which could be legitimate depending on its functionality, but requires further investigation to ensure it's not engaging in unauthorized data transfer.
  • Shell: No shell execution patterns were detected, indicating a low risk of direct system command execution.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer's author name is missing and seems to be new or inactive, which raises some concern but not enough to definitively label it as malicious.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • ken.""" try: r = requests.get( MPC_WHATSUP_INDEX_URL, headers=_MPC
  • "json"} try: r = requests.get( SEVENTIMER_API_URL, params=payload,
  • \u2713" try: r = requests.post( url, data=body, headers
  • n.load_config(config) # r=requests.get('https://www.minorplanetcenter.net/Extended_Files/neocp.json
  • ) try: async with httpx.AsyncClient(timeout=timeout) as client: r = await client.get
  • ) try: async with httpx.AsyncClient(timeout=timeout) as client: r = await client.pos
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository ziriuz84/asteroidpy appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with Asteroidpy 
Create a web-based application called 'Asteroid Watcher' using Flask and the Asteroidpy package. This application will allow amateur astronomers and enthusiasts to schedule observations of asteroids, analyze observational data, and visualize the trajectories of these celestial bodies. The application should have the following features:

1. User Authentication: Users should be able to register and log in to their accounts.
2. Scheduling Observations: Users can input specific dates and times to schedule observations of asteroids. They should also be able to select which asteroid they want to observe from a list provided by the Asteroidpy package.
3. Data Analysis: Upon uploading observational data, the application should use Asteroidpy to analyze the data and provide insights such as the asteroid's trajectory, speed, and any anomalies detected during the observation.
4. Visualization: The app should generate visual representations of the asteroid's path over time, including its orbit around the sun, and highlight the user's scheduled observation points on this path.
5. Community Features: Users should be able to share their findings and observations within the community, similar to a forum where discussions about specific asteroids can take place.

Utilize the Asteroidpy package to handle the scheduling logic, data analysis, and visualization aspects of the application. Ensure that the interface is user-friendly and that all functionalities are accessible through both web forms and API endpoints for advanced users who wish to automate certain tasks.