Package Metadata

Author: Plone Foundation
Email: [email protected]
PyPI: Products.CMFPlone
Python: >=3.10
Versions: 216 releases
First release: 27 Nov 2010, 20:31 UTC
Analysed: 05 Jun 2026, 18:21 UTC
Source files: 63 .py files scanned

Project Links

Chat Documentation Forum Homepage Issues Mastodon Source Sponsor Videos X (formerly Twitter)

Classifiers

Development Status :: 5 - Production/StableEnvironment :: Web EnvironmentFramework :: PloneFramework :: Plone :: 6.2Framework :: Plone :: CoreFramework :: Zope :: 6License :: OSI Approved :: GNU General Public License v2 (GPLv2)Operating System :: OS IndependentProgramming Language :: PythonProgramming Language :: Python :: 3.10

🤖 AI Analysis

Final verdict: SAFE

The package shows low risks across all categories with no evidence of malicious activities or supply-chain attacks.

Low network and shell risks
No suspicious obfuscation or credential handling

Per-check LLM notes

Network: No network calls detected, which is normal for most Python packages unless they require online services.
Shell: No shell execution patterns detected, indicating no direct system command execution from the package.
Obfuscation: The use of dynamic import with error handling is not inherently malicious but could be used to hide code logic.
Credentials: No suspicious patterns for credential harvesting were found in the provided snippet.
Metadata: The author has only one package, which may indicate a new or less active account but does not necessarily imply malicious intent.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

try: __import__(self.check_module) except ImportError: logger.info

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: plone.org

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository plone/plone.org appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "Plone Foundation" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with Products.CMFPlone

Your task is to develop a mini-app utilizing the 'Products.CMFPlone' package, which is the core of the Plone Content Management System (CMS). This app will serve as a basic blog platform where users can create, edit, and manage their posts. Additionally, it should allow registered users to comment on these posts and have a simple user management system. Here’s a detailed breakdown of what your application should achieve:

1. **User Registration and Authentication**: Implement a registration system where users can sign up using their email and password. Users should also be able to log in and out.
2. **Post Creation and Editing**: Allow logged-in users to create new posts. Each post should include a title, content, and an optional image upload feature. Users should be able to edit their own posts after creation.
3. **Commenting System**: Enable users to leave comments on posts. Ensure that only registered users can comment and that comments are moderated before they appear publicly.
4. **User Management**: Provide a dashboard where users can view and manage their posts and comments. Admins should be able to delete inappropriate posts or comments.
5. **Search Functionality**: Integrate a search function that allows users to find posts based on keywords within titles and contents.

To accomplish these tasks, you will need to utilize various functionalities provided by the 'Products.CMFPlone' package, such as content types, workflows, and permissions management. Make sure to follow best practices in coding and security while developing this mini-app.