Package Metadata

Author: LFPy-team
Email: [email protected]
PyPI: LFPy
Python: <4.0,>=3.10
Versions: 42 releases
First release: 14 Mar 2012, 16:33 UTC
Analysed: 05 Jun 2026, 15:33 UTC
Source files: 29 .py files scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersIntended Audience :: Science/ResearchLicense :: OSI Approved :: GNU General Public License (GPL)License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)Operating System :: OS IndependentProgramming Language :: CythonProgramming Language :: PythonProgramming Language :: Python :: 3Programming Language :: Python :: 3.10

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package contains high-risk usage of eval() which can be exploited for code execution, along with potential misuse of os.system for directory removal. These factors elevate the suspicion level despite other checks showing low risk.

High risk due to eval() usage
Potential misuse of os.system

Per-check LLM notes

Network: No network calls detected.
Shell: The use of os.system to remove directories suggests automated cleanup but could pose risks if misused.
Obfuscation: The use of eval() with locals() and globals() is highly suspicious as it can be used to execute arbitrary code, indicating potential obfuscation or injection risks.
Credentials: No clear patterns indicative of credential harvesting were found.
Metadata: The package has some non-secure links but no other red flags.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

pe) syn = eval(command, locals(), globals()) for param
d2 stim = eval(command, locals(), globals()) for key, v
dumps) pickled_cell = pickle.loads(cell_pickle) for attribute in dir(cell):

⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

.gids, np.arange(4)) os.system('rm -r tmp_testNetworkPopulation') for cell in popul
etwork.pc.gid_clear() os.system('rm -r tmp_testNetworkPopulation') for population in

✓ Credential Harvesting

No credential harvesting patterns detected

⚠ Typosquatting score 3.0

Possible typosquat of: mypy

"LFPy" is 2 edit(s) from "mypy"

✓ Registered Email Domain

Email domain looks legitimate: users.noreply.github.com

⚠ Suspicious Page Links score 10.0

Found 18 suspicious link(s) on the package page

Non-HTTPS external link: http://www.neuron.yale.edu/neuron
Non-HTTPS external link: http://www.frontiersin.org/neuroinformatics/10.3389/neuro.11.001.2009/abstract
Non-HTTPS external link: http://www.csc.kth.se/~helinden/PettersenLindenDaleEinevoll-BookChapter-revised.
Non-HTTPS external link: http://www.nmbu.no/imt
Non-HTTPS external link: http://www.nmbu.no
Non-HTTPS external link: http://www.nencki.gov.pl/en/laboratory-of-neuroinformatics

✓ Git Repository History

Repository LFPy/LFPy appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "LFPy-team" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with LFPy

Create a mini-application that simulates and visualizes Local Field Potentials (LFPs) from a multicompartmental neuron model using the LFPy package in Python. Your application should allow users to input various parameters such as neuron morphology, synaptic inputs, and electrode locations. It should then use LFPy to calculate the resulting LFP signals and display them graphically. Additionally, implement features like saving simulation results to files and allowing users to load previously saved simulations. Utilize LFPy's capabilities for building complex neuron models and calculating extracellular potentials to provide an interactive and educational tool for neuroscience researchers and students.