AI Analysis
Final verdict: SAFE
The package appears safe with no direct evidence of malicious activities. However, there are some concerns regarding the maintenance level and potential shell execution that need further review.
- Low network and credential risks.
- Shell risk due to possible initialization commands requires closer inspection.
- Poor metadata quality and low maintainer activity.
Per-check LLM notes
- Network: No network calls detected, which is typical and not suspicious.
- Shell: The shell execution is likely part of the package's initialization process but should be reviewed for its commands to ensure they align with the package's intended functionality.
- Obfuscation: No obfuscation patterns detected, suggesting low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows signs of low maintainer activity and poor metadata quality, but there are no clear indicators of malicious intent.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
run_pyorm_init(workdir): subprocess.run( [sys.executable, "-m", "pyorm.cli", "--init", "1"],
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: lts.pt
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 6.0
3 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
- Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with PyCyphORM
Create a simple, yet fully functional, personal finance tracker application using Python and the PyCyphORM package. This application will allow users to securely store and manage their financial transactions in an SQLite database with end-to-end encryption provided by PyCyphORM. The application should include the following functionalities:
1. User Authentication: Users should be able to create accounts and log in securely. Passwords should be hashed before being stored.
2. Transaction Management: Users should be able to add, view, edit, and delete financial transactions. Each transaction should have fields like date, amount, category (e.g., groceries, utilities), and description.
3. Encryption: All data stored in the SQLite database must be encrypted using PyCyphORM to ensure that the data remains secure even if the database file is accessed directly.
4. Reporting: Provide basic reporting capabilities such as viewing total expenses per month and categorizing expenses by type.
5. User Interface: Develop a simple command-line interface (CLI) for user interaction.
6. Data Backup: Implement a feature to back up the encrypted database to a specified location.
7. Data Recovery: Allow users to restore their data from a backup file.
To utilize PyCyphORM, follow these steps within your application:
- Initialize the ORM with a specified encryption key.
- Define models for User and Transaction entities, ensuring they map correctly to the database schema while leveraging PyCyphORM's encryption capabilities.
- Use the ORM to perform CRUD operations on the User and Transaction entities, ensuring all data is encrypted during storage and decrypted upon retrieval.
- Integrate hashing for password security when storing user credentials.
Your task is to design and implement this application, ensuring it meets all specified requirements and effectively showcases the use of PyCyphORM for secure, encrypted data management.