Package Metadata

Author: Jacob Stewart
Email: [email protected]
PyPI: MediaSigner
Python: <3.13,>=3.10
Versions: 22 releases
First release: 27 Jan 2026, 22:51 UTC
Analysed: 05 Jun 2026, 16:19 UTC
Source files: 4 .py files scanned

Project Links

Changelog Discussions Documentation Homepage Issues Source

Classifiers

Development Status :: 1 - PlanningFramework :: AsyncIOIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseNatural Language :: EnglishOperating System :: OS IndependentProgramming Language :: PythonProgramming Language :: Python :: 3Programming Language :: Python :: 3 :: OnlyProgramming Language :: Python :: 3.10

🤖 AI Analysis

Final verdict: SAFE

The package appears to be safe with minimal risks identified. The use of base64 decoding slightly increases obfuscation risk, but there are no indications of malicious activity.

No network or shell risks detected.
Base64 decoding present, suggesting some level of code obfuscation.

Per-check LLM notes

Network: No network calls detected, which is normal unless the package requires external services.
Shell: No shell execution detected, indicating no immediate risk from command injection or similar attacks.
Obfuscation: The code uses base64 decoding which can be used for legitimate purposes but also may indicate an attempt to hide code logic.
Credentials: No clear patterns of credential harvesting detected.
Metadata: The maintainer has only one package, which may indicate a new or less active account, but there are no other suspicious flags.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

ue: result[key] = base64.b64decode(str(value["b64"])) elif ( isinstance(val
result[key] = tuple(base64.b64decode(str(entry["b64"])) for entry in value) else:

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: swarmauri.com

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository swarmauri/swarmauri-sdk appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "Jacob Stewart" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with MediaSigner

Create a Python-based mini-application called 'SecureMediaUploader' that allows users to upload media files (images and videos) to a remote server while ensuring their integrity and authenticity through digital signatures. This application will utilize the 'MediaSigner' package to manage the signing process, which aggregates various signing methods provided by different plugins. Here’s a detailed plan on how to build this application:

1. **Setup Environment**: Begin by setting up a Python environment with necessary packages including 'MediaSigner'. Ensure all dependencies are installed via pip.
2. **User Interface**: Design a simple command-line interface (CLI) for user interaction. Users should be able to select the type of file they wish to upload (image or video), provide the file path, and choose a signing method from those available through 'MediaSigner'.
3. **File Upload Functionality**: Implement functionality to upload selected files to a remote server. For simplicity, use a mock server endpoint or a cloud storage service API such as AWS S3.
4. **Signing Process**: Utilize the 'MediaSigner' package to sign the uploaded files. Users should be able to specify which signing provider they want to use, and the application should handle the aggregation and execution of the signing process seamlessly.
5. **Verification Feature**: After uploading and signing, provide an option for users to verify the integrity and authenticity of the uploaded files using the same signing method that was applied during the upload phase. Display the verification result clearly in the CLI output.
6. **Error Handling and Logging**: Implement robust error handling to manage exceptions like connection issues, file format errors, and signing failures. Log these events for troubleshooting and auditing purposes.
7. **Security Measures**: Ensure all interactions with the remote server and signing processes are secure. Use HTTPS for data transmission and securely manage any keys or credentials needed for signing and verifying.
8. **Documentation**: Write comprehensive documentation for both end-users and developers. Include setup instructions, usage examples, and details about how the 'MediaSigner' package integrates into the application.

By following these steps, you'll create a useful tool for anyone looking to securely share media files over the internet.