AI Analysis
Final verdict: SAFE
The package shows minimal signs of risk, with low scores across all categories except for metadata, where the maintainer's details are incomplete. There's no strong evidence of malicious behavior or supply-chain attacks.
- Network calls observed, but likely legitimate
- Maintainer metadata incomplete
Per-check LLM notes
- Network: The observed network calls are indicative of the package attempting to establish connections to external servers, which could be legitimate if the package is designed to interact with remote services.
- Shell: No shell execution patterns were detected, suggesting there is no immediate risk related to executing arbitrary commands.
- Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
- Credentials: No credential harvesting patterns detected, suggesting safe handling of sensitive information.
- Metadata: The maintainer's author name is missing or very short, and the author seems to be new or inactive with only one package.
Heuristic Checks
Outbound Network Calls
score 4.5
Found 3 network call pattern(s)
imeout", 10) with socket.create_connection( (interlock.card.server, interlock.card.porttry: with socket.create_connection((interlock.card.server, interlock.card.port), 5) as relay_sot", 3) response = requests.get(url, auth=auth, timeout=timeout) response_error
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: nist.gov
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository usnistgov/NEMO appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with NEMO
Create a fully functional mini-application using the NEMO package to manage laboratory equipment reservations and maintenance requests. Your application should allow users to log in, view available laboratory tools, reserve specific tools for certain time slots, and submit maintenance requests for any tools they find in need of repair. Here are the key steps and features you should implement:
1. User Authentication: Users must be able to create accounts and log in securely.
2. Tool Catalog: Display a catalog of all available laboratory tools with details such as name, type, availability status, and current reservation schedule.
3. Reservation System: Allow logged-in users to reserve tools for specific time slots. Ensure that reservations cannot overlap and that only one user can reserve a tool at a given time.
4. Maintenance Requests: Provide a feature where users can report issues with tools and request maintenance. This should include options to describe the problem and attach images if necessary.
5. Notification System: Implement notifications for users regarding their reservations and the status of their maintenance requests.
6. Admin Panel: Include an admin panel for managing user accounts, approving/disapproving maintenance requests, and updating tool statuses.
7. Reporting: Generate reports on tool usage and maintenance activities for administrative purposes.
Use the NEMO package to handle the backend logistics of scheduling, tracking maintenance issues, and managing user interactions. Focus on integrating NEMO's core functionalities into your application while ensuring a smooth user experience.