AI Analysis
Final verdict: SUSPICIOUS
The package shows moderate risk due to potential code obfuscation and signs of low maintenance, though it does not exhibit clear malicious intent or network/shell credential risks.
- High obfuscation risk due to eval usage
- Signs of low maintenance effort
Per-check LLM notes
- Network: No network calls detected, which is normal and expected.
- Shell: Shell execution detected is likely related to building the package from source, which is common for C++ libraries like OpenEXR.
- Obfuscation: The use of eval with dynamic string construction suggests potential for code injection and is indicative of obfuscation, likely to hide functionality.
- Credentials: No direct evidence of credential harvesting patterns was found.
- Metadata: The package shows low maintenance and effort signs, with a non-secure external link, but lacks clear indicators of malicious intent.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
f.names: self.v = eval("self." + v) else: self.v = v def __
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
try: subprocess.run( [ "cmake",
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: openexr.com
Suspicious Page Links
score 2.0
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://www.openexr.com
Git Repository History
Repository AcademySoftwareFoundation/OpenEXR appears legitimate
Maintainer History
score 6.0
3 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
- Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with OpenEXR
Develop a Python-based mini-application named 'EXRViewer' that allows users to visualize and manipulate images in the OpenEXR format. This tool will serve as a bridge between professional-grade image editing software and casual users who might not have access to such tools. EXRViewer will provide a user-friendly interface to load, display, and adjust various properties of EXR images.
Core Features:
1. **Image Loading**: Users should be able to load EXR files from their local system into the application. The application should support multi-channel EXR images, allowing users to select which channels they want to view.
2. **Image Display**: Once loaded, the application should display the selected EXR image in a window. Users should be able to zoom in/out, pan across the image, and view it in different color modes (e.g., RGB, linear, logarithmic).
3. **Channel Manipulation**: Provide sliders or input fields for adjusting the intensity of each channel in the EXR image. Users should also be able to apply simple filters like brightness/contrast adjustments directly within the application.
4. **Saving Adjustments**: After making changes to the image, users should have the option to save the modified EXR file back to their local system.
5. **Metadata Viewer**: Include a feature that displays metadata associated with the EXR file, such as resolution, depth, and any custom attributes defined by the creator.
Utilizing the 'OpenEXR' Package:
- Use the OpenEXR package to handle the loading and saving of EXR files. Specifically, leverage the `Imath` module for handling pixel data and the `OpenEXR` module for file I/O operations.
- For displaying images, consider integrating with a GUI toolkit like PyQt or PyGTK. These libraries can be used alongside OpenCV for rendering the images in a window.
- Implement channel manipulation by directly accessing and modifying the pixel data using the OpenEXR API. Ensure that all changes are applied in a non-destructive manner, allowing users to revert to the original image at any time.
- When saving adjustments, ensure that the EXR file retains its original structure and metadata, only updating the pixel data as specified by the user.