AI Analysis
Final verdict: SUSPICIOUS
The package exhibits moderate risks due to its network and shell execution behaviors, particularly the use of subprocess.run with 'git'. While these actions might be legitimate, they require additional context.
- Network calls perform POST requests
- Unusual use of subprocess.run with 'git'
Per-check LLM notes
- Network: The network calls seem to be performing POST requests which could be legitimate for API interactions but require further context about the package's functionality.
- Shell: The shell execution patterns indicate the package might be designed to open files or URLs, which can be benign if documented behavior. However, use of subprocess.run with 'git' is unusual and warrants scrutiny.
- Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
- Credentials: No credential harvesting patterns detected, indicating secure handling of secrets and credentials.
- Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
ad).encode("utf-8") req = urllib.request.Request(url, data=body, headers=headers, method="POST")
"POST") try: with urllib.request.urlopen(req, timeout=timeout) as resp: return js
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 10.0
Found 6 shell execution pattern(s)
in": try: subprocess.Popen( ["open", str(target_path)],
x(): try: subprocess.Popen( ["termux-open", str(target_path)],
return try: subprocess.Popen( ["xdg-open", str(target_path)], stde
: try: process = subprocess.run( ["git", "-C", str(project_root), *args],
s: try: process = subprocess.run( ["git", "-C", str(project_root), *args],
encode("utf-8") process = subprocess.Popen( ["git", "-C", str(project_root), "cat-file", "--bat
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository Kaua-KGzin/ArchMAP appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Kaua Gabriel" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with KG-ARCHMAP
Create a mini-application named 'ArchVisTool' that leverages the KG-ARCHMAP Python package to analyze and visualize the static architecture of a given Python-based software project. This tool should enable developers to understand the structural dependencies and relationships within their codebase more effectively. Here's a step-by-step guide on what your application should achieve:
1. **Project Setup**: Initialize a new Python environment and install KG-ARCHMAP along with other necessary libraries such as matplotlib for plotting.
2. **User Interface**: Develop a simple command-line interface (CLI) where users can input the path to their Python project directory.
3. **Analysis Phase**: Utilize KG-ARCHMAP to parse the project files, identify modules, packages, and dependencies. The tool should be able to detect direct imports as well as indirect dependencies through imported modules.
4. **Visualization**: Generate a visual representation of the project's architecture using graphs. Each node represents a module or package, and edges represent dependencies between them. Use different colors to distinguish between types of dependencies (e.g., direct vs. indirect).
5. **Output Presentation**: Display the graph visually within the CLI output or save it as an image file (PNG format) in the specified directory.
6. **Optional Features**:
- Allow users to specify certain modules or packages to focus on for a deeper analysis.
- Implement a feature to highlight critical paths in the dependency graph.
- Provide options to customize the appearance of the graph (node shapes, colors, etc.).
7. **Documentation**: Write comprehensive documentation explaining how to use ArchVisTool, including installation steps, usage examples, and explanations of all available commands and options.
By following these steps, you will create a powerful yet user-friendly tool that enhances the understanding of complex software architectures, making it easier for developers to maintain and evolve their projects.