Package Metadata

Author: DeMONLab-BioFINDER
Email: —
PyPI: Leakly
Python: >=3.10
Versions: 3 releases
First release: 13 May 2026, 21:10 UTC
Analysed: 05 Jun 2026, 15:42 UTC
Source files: 16 .py files scanned

Project Links

Classifiers

Development Status :: 3 - AlphaIntended Audience :: Science/ResearchOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3 :: OnlyProgramming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Topic :: Scientific/EngineeringTopic :: Scientific/Engineering :: Artificial Intelligence

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has no detectable malicious activities such as network calls, shell executions, or obfuscation. However, the metadata risk score is elevated due to the maintainer having only one package, suggesting potential newness or less activity, which warrants further scrutiny.

Metadata risk due to single package by maintainer
No direct malicious activities detected

Per-check LLM notes

Network: No network calls detected, which is normal unless the package's functionality requires external communications.
Shell: No shell execution patterns detected, indicating the package does not attempt to execute system commands without user interaction.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository DeMONLab-BioFINDER/Leakly appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "DeMONLab-BioFINDER" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with Leakly

Develop a mini-application called 'MLPipelineInspector' that leverages the 'Leakly' package to perform comprehensive leakage checks on machine learning pipelines. This tool will be designed to help data scientists ensure their models are not suffering from data leakage, which can significantly degrade model performance. Here’s a detailed step-by-step guide on how to build this application:

1. **Setup**: Begin by setting up your development environment with Python and installing necessary packages such as 'Leakly', 'scikit-learn', and any other dependencies required.
2. **Data Preparation**: Create or use a public dataset to demonstrate the functionality of MLPipelineInspector. Ensure the dataset includes both features and labels that could potentially cause leakage if not handled properly.
3. **Pipeline Creation**: Develop a simple machine learning pipeline using scikit-learn that includes preprocessing steps and a final estimator. Introduce potential leakage points within this pipeline to simulate real-world scenarios.
4. **Integration of Leakly**: Use the 'Leakly' package to integrate leakage detection into the pipeline. This involves running permutation tests to identify any variables that might be leaking information about the target variable.
5. **Visualization**: Implement visualization tools to display the results of the permutation tests in an intuitive manner. This could include bar charts showing the level of leakage for each feature or a heatmap illustrating correlations between features and the target variable.
6. **Interactive Interface**: Develop a basic command-line interface (CLI) or web-based frontend where users can upload their own datasets and pipelines. The application should then automatically detect and highlight potential leakage issues.
7. **Documentation**: Provide thorough documentation explaining how to install and use MLPipelineInspector, including examples and best practices for avoiding data leakage in machine learning projects.
8. **Testing and Validation**: Conduct extensive testing to validate the accuracy and reliability of the leakage detection process. Include unit tests and integration tests to ensure all components work seamlessly together.
9. **Deployment**: Prepare the application for deployment by containerizing it using Docker, making it easy for others to run and use without needing to set up their own environment.
10. **Community Contribution**: Encourage contributions from the community by setting up a GitHub repository and inviting feedback and improvements on the tool.

This project aims to be a practical and educational tool that helps developers and data scientists understand and mitigate data leakage in their machine learning projects.