AI Analysis
Final verdict: SUSPICIOUS
The package has a moderate risk score due to potential code obfuscation and incomplete metadata, raising concerns about its integrity and purpose.
- Obfuscation risk due to the use of eval for dynamic attribute setting
- Incomplete metadata with missing repository and author details
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require internet access.
- Shell: No shell execution patterns detected, indicating no direct system command execution.
- Obfuscation: The use of eval with dynamic attribute setting is suspicious and may indicate obfuscation or code injection.
- Credentials: No clear patterns indicating credential harvesting were detected.
- Metadata: The package shows some red flags with a missing repository and author details, but no concrete evidence of malice.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
self.__dict__[field] = eval(value) async def close(self) -> result.StrictOk | resul
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: outlook.com>
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 3.0
Repository not found (deleted or private)
Repository not found (deleted or private)
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with DLMS-SPODES-client
Build a simple Python application using the DLMS-SPODES-client package to demonstrate its core features.