DGLZ

v0.1.31.post1 suspicious
6.0
Medium Risk

EEG emotion recognition with CNN-Transformer encoders and three-stage hierarchical classifiers

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to its network and shell execution behaviors, suggesting potential hidden intentions or vulnerabilities.

  • High shell risk due to direct system modifications
  • Moderate network risk with potential for hidden HTTP behavior
Per-check LLM notes
  • Network: The network calls appear to be making HTTP requests with custom User-Agent strings and handling responses, which could be used for updates or telemetry but may also hide malicious behavior.
  • Shell: Executing shell commands and pip installations directly from the package can be risky as it allows the package to modify the system, potentially installing malicious software.
  • Obfuscation: The observed patterns suggest potential obfuscation techniques but could also be part of normal model evaluation and saving/loading processes.
  • Credentials: No clear evidence of credential harvesting activities detected.
  • Metadata: The maintainer has only one package and lacks a GitHub repository, indicating potential newness or inactivity.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • e limit). """ req = urllib.request.Request(url, headers={"User-Agent": "eemo-cli-updater"})
  • er"}) try: with urllib.request.urlopen(req, timeout=10) as resp: body = resp.r
  • error try: req = urllib.request.Request( _PYPI_JSON_URL, headers={"Accept": "app
  • son"}, ) with urllib.request.urlopen(req, timeout=_REQUEST_TIMEOUT) as resp:
  • glz-" try: req = urllib.request.Request(url, headers={"User-Agent": "eemo-cli-updater"})
  • o-cli-updater"}) with urllib.request.urlopen(req, timeout=_GITHUB_TIMEOUT) as resp: r
Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

  • return model.to(device).eval() ss_model = _load_model(f"{_prefix}subject_state", ss_
  • .no_grad(): model.eval() if isinstance(dummy_input, torch.Tensor):
  • s: list[dict] = [] model.eval() with torch.no_grad(): for mat_file in mat_file
  • ress_level) buf = __import__("io").BytesIO() torch.save(data, buf, _use_new_zipfil
  • _time = __import__("time") _time.sleep(0.1)
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • e() try: result = subprocess.run( cmd, capture_output=True,
  • pt paths). """ return subprocess.run( [sys.executable, "-m", "pip", "install", "--no-cach
  • _PROCESS = 0x00000008 subprocess.Popen( ["cmd", "/c", bat_path], creationfl
  • """ try: r = subprocess.run( [sys.executable, "-c", "import eem
  • try: subprocess.run( [sys.executable, "-c", "import eemo
  • re total = int( subprocess.check_output(["sysctl", "-n", "hw.memsize"], stderr=subprocess.DEVNULL).s
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "SuShuHeng" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with DGLZ 
Create a fully-functional mini-application that leverages the 'DGLZ' package for EEG emotion recognition using CNN-Transformer encoders and a three-stage hierarchical classifier system. This application will serve as a tool for researchers and enthusiasts interested in understanding emotions based on EEG signals. The application should include the following steps and features:

1. Data Importation: Users should be able to upload their own EEG data files (in a supported format such as .edf or .csv) through a user-friendly interface.
2. Preprocessing: Implement basic preprocessing steps like filtering, artifact removal, and normalization of the uploaded EEG data to ensure high-quality input for the emotion recognition model.
3. Emotion Recognition: Utilize the 'DGLZ' package to process the preprocessed EEG data through its CNN-Transformer encoder and three-stage hierarchical classifier. This involves feeding the processed EEG data into the model to predict emotions.
4. Visualization: Display the predicted emotions alongside the original EEG signal plot for better interpretation. Additionally, provide a timeline or graph showing the progression of emotional states over time.
5. User Feedback: Allow users to rate the accuracy of the emotion prediction compared to their subjective experience, which could help in improving the model over time.
6. Documentation: Provide comprehensive documentation detailing how to use the application, including setup instructions, API references, and examples of input/output formats.
7. Integration: Consider integrating the application with other tools or platforms that might benefit from real-time emotion analysis, such as VR systems or mental health monitoring apps.

By following these steps and incorporating these features, the application will not only demonstrate the capabilities of the 'DGLZ' package but also provide a practical tool for exploring the fascinating intersection of EEG signals and human emotions.