Qubx

v1.5.1 safe
3.0
Low Risk

Qubx - Quantitative Trading Framework

πŸ€– AI Analysis

Final verdict: SAFE

The package Qubx v1.5.1 presents a low risk profile with minimal concerns around network, shell execution, obfuscation, and credential risks. There are no clear indicators of malicious activity.

  • Low network and shell risk scores
  • No signs of obfuscation or credential harvesting
  • Minimal author engagement and metadata quality
Per-check LLM notes
  • Network: The network calls appear to be fetching package metadata and version information, which is typical for dependency management.
  • Shell: The shell executions include git commands that might be part of the package's build process or version control operations, but could also indicate unexpected behavior if not documented.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows low author engagement and metadata quality, but there are no clear indicators of malicious intent.

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • /{version}/json" with urllib.request.urlopen(url, timeout=5) as response: return resp
  • ef _make_request(url: str) -> urllib.request.Request: req = urllib.request.Request(url) i
  • equest.Request: req = urllib.request.Request(url) if auth_header: req.add_hea
  • /{pkg_normalized}/" with urllib.request.urlopen(_make_request(simple_url), timeout=30) as resp:
  • el_filename(chosen)) with urllib.request.urlopen(_make_request(wheel_url), timeout=120) as whl_resp:
βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • tform.system()}") subprocess.run( strip_cmd, # type: ignore [arg-type] # noq
  • ibe try: result = subprocess.run(["git", "describe", "--tags", "--abbrev=0"], capture_output=
  • md)}</dim>") result = subprocess.run(cmd, cwd=str(clone_dir)) sys.exit(result.returncode)
  • th main as default branch subprocess.run(["git", "init", "-b", "main"], cwd=strategy_path, capture_ou
  • ath, capture_output=True) subprocess.run(["git", "add", "-A"], cwd=strategy_path, capture_output=True
  • ath, capture_output=True) subprocess.run( ["git", "commit", "-m", "Initial project setup"],
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: xlydian.com>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository xLydianSoftware/Qubx appears legitimate

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with Qubx 
Your task is to develop a mini-trading simulator application using the 'Qubx' quantitative trading framework in Python. This application will allow users to simulate trading strategies on historical financial data. The goal is to provide a user-friendly interface where users can input their strategy parameters and see the performance of their strategy over time. Here’s a step-by-step guide on how to build this application:

1. **Setup**: Start by installing the 'Qubx' package and any other necessary Python libraries such as pandas for data manipulation and matplotlib for plotting.
2. **Data Collection**: Use 'Qubx' to fetch historical stock price data from a reliable source (such as Yahoo Finance). Ensure you can download data for multiple stocks at once.
3. **Strategy Development**: Implement a basic moving average crossover strategy within 'Qubx'. Users should be able to specify the short-term and long-term moving averages they want to use.
4. **Backtesting**: Develop a backtesting feature that allows users to test their strategies on past data. The backtester should calculate metrics like Sharpe ratio, total return, and maximum drawdown.
5. **Visualization**: Create visualizations that show the performance of the trading strategy over time. Include plots of the strategy signals, equity curves, and trade outcomes.
6. **User Interface**: Optionally, design a simple web-based UI using Flask or Django that allows users to input parameters and view results without needing to run code.
7. **Documentation**: Write clear documentation explaining how to install and use the application, including examples of different strategies that can be tested.

This project aims to provide an educational tool for understanding quantitative trading concepts while showcasing the capabilities of the 'Qubx' package.