AI Analysis
The package exhibits moderate risks due to its network and shell execution capabilities, which could be leveraged for malicious purposes. While there is no concrete evidence of malice, the low maintenance and author engagement further warrant caution.
- High network risk
- High shell execution risk
- Potential obfuscation practices
- Low maintenance and author engagement
Per-check LLM notes
- Network: The package makes network calls which could potentially be used for data exfiltration or C2 communications.
- Shell: The use of subprocess.Popen indicates the package can execute shell commands, which might be exploited for unauthorized actions.
- Obfuscation: The observed pattern suggests potential obfuscation but could also be part of legitimate encoding practices, such as in cryptographic operations.
- Credentials: No clear signs of credential harvesting detected.
- Metadata: The package shows low maintenance and author engagement, raising some suspicion but not conclusive evidence of malice.
Heuristic Checks
Found 2 network call pattern(s)
son", } req = urllib.request.Request( url=self.url, data=str(json
POST", ) with urllib.request.urlopen(req) as res: ret = json.loads(res.read()
Found 1 obfuscation pattern(s)
= np.frombuffer( base64.b64decode(hash_string), dtype="uint8" if dtype in ["bool",
Found 3 shell execution pattern(s)
cture_number", ] with subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE) as p:
e,start_time """ with subprocess.Popen( shlex.split(cmd), stdout=subprocess.PIPE, stderr=su
_BUFSIZE", "5")) with subprocess.Popen( shlex.split(cmd), stdout=subprocess
No credential harvesting patterns detected
No typosquatting candidates detected
Email domain looks legitimate: wearethorn.org
All external links appear legitimate
No GitHub repository linked
No GitHub repository link found
3 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
- Package has no PyPI classifiers (low effort / metadata quality)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Create a multimedia content similarity detection tool using the Perception Python package. This tool will enable users to upload two images or videos and determine their visual similarity based on perceptual hashing techniques. The application should have the following features:
1. User Interface: Develop a simple, intuitive web-based interface where users can upload their media files.
2. File Upload Handling: Ensure that the application supports both image and video file types. Implement validation to check if the uploaded files are indeed images or videos.
3. Perceptual Hash Calculation: Utilize the Perception package to compute perceptual hashes for each uploaded file. Explain how the Perception package's core functionalities are employed here.
4. Similarity Comparison: Compare the hashes of the two uploaded files to determine their similarity level. Display the result in a user-friendly manner, indicating whether the files are highly similar, moderately similar, or dissimilar.
5. Optional Feature - Real-time Preview: Allow users to preview the uploaded files before finalizing the comparison.
6. Documentation: Provide comprehensive documentation explaining how to install and use the tool, including any dependencies and setup instructions.
7. Testing: Include unit tests and integration tests to ensure the reliability and accuracy of the application.
The project should demonstrate a practical application of perceptual hashing techniques and showcase the capabilities of the Perception package in a real-world scenario.