Rubka

v8.1.5 suspicious
6.0
Medium Risk

rubka: The official Python SDK for the Rubika Bot API, provided by Rubika. This library offers a robust and feature-rich interface for developers to build advanced bots on the Rubika platform. Features include comprehensive support for messaging, media, inline keyboards, group/channel management, user authentication, subscription systems, and real-time event handling. Built for scalability and ease of use.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several concerning behaviors including shell execution risks and obfuscation techniques, which may indicate attempts to bypass detection or perform unauthorized actions. However, there's no clear evidence of malicious intent or credential harvesting.

  • High shell risk due to automated package installation
  • Unconventional coding practices suggesting possible evasion tactics
Per-check LLM notes
  • Network: Network calls are standard for fetching resources but the lack of context around these calls raises some concern.
  • Shell: Shell execution for installing packages without user interaction can be risky and may indicate potential for unauthorized actions.
  • Obfuscation: The code uses unconventional methods to import modules, which may indicate an attempt to bypass detection or analysis.
  • Credentials: No clear patterns of credential harvesting are present in the provided snippets.
  • Metadata: The presence of a non-HTTPS link and a single-package author suggest potential risk, but no clear malicious intent is evident.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • try: response = urllib.request.urlopen(video_path) video_bytes = response.read
  • try: response = requests.get(url, timeout=3) response.raise_for_status()
  • on" try: resp = requests.get(url, timeout=5) resp.raise_for_status() da
  • None self.session = requests.Session() self.sessions: Dict[str, Dict[str, Any]] = {}
  • try: json_url = requests.get(web_hook, timeout=self.timeout).json().get('url', web_hook)
  • = limit return list(requests.get(self.web_hook).json()) def _is_duplicate(self, message_
Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • age_name): try: __import__(package_name) except ModuleNotFoundError: print(f"Module '{
  • globals()[package_name] = __import__(package_name) install_and_import("websocket") from websocket import
  • b'\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00\xff\xdb\x00C\x00\x08\x06\x06\x07\x06\x05\x08\x07\x07\x07\t\t\x08\n\x0c\
  • 1\x00\x01\x00\x00\xff\xdb\x00C\x00\x08\x06\x06\x07\x06\x05\x08\x07\x07\x07\t\t\x08\n\x0c\x14\r\x0c\x0b\x0b\x0c\x19\x12\x13\x0f\x14\x1d
  • 07\x07\x07\t\t\x08\n\x0c\x14\r\x0c\x0b\x0b\x0c\x19\x12\x13\x0f\x14\x1d\x1a\x1f\x1e\x1d\x1a\x1c\x1c $.\' ",#\x1c\x1c(7),01444\x1f\'9=82<.342\xff\xdb\x00C\x01\t
  • 222222222222222222222222222222\xff\xc0\x00\x11\x08\x00\x80\x00\x80\x03\x01"\x00\x02\x11\x01\x03\x11\x01\xff\xc4\x00\x1f\x00\x00\x01\x0
Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • pto.Cipher import AES except:os.system('pip install pycryptodome') class cryption: def __in
  • und. Installing...") subprocess.check_call([sys.executable, "-m", "pip", "install", package_name])
  • age_name): try: subprocess.check_call([sys.executable, "-m", "pip", "install", package_name], stdo
  • ) -> bool: try: subprocess.check_call([sys.executable, "-m", "pip", "install", package_name], stdo
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://rubka.ir
Git Repository History

Repository Mahdy-Ahmadi/rubka appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Mahdi Ahmadi" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with Rubka 
Develop a social media monitoring bot using the Rubka Python SDK that allows users to track specific keywords across multiple Rubika groups and channels. The bot should notify users via direct message whenever a tracked keyword appears in a post or comment within these monitored spaces. Additionally, implement a feature where users can set up alerts for new posts from specific users they follow. The application should also provide a summary report at the end of each day, listing all the occurrences of the tracked keywords and new posts from followed users. Utilize Rubka's capabilities for real-time event handling, messaging, and inline keyboard interactions to enhance user engagement and interaction with the bot.