AI Analysis
Final verdict: SAFE
The package has no detected risks such as network calls, shell executions, obfuscations, or credential harvesting. The metadata suggests it may be from a new or less active account, but this alone is insufficient to label it as suspicious.
- No network calls detected.
- Author has only one package.
Per-check LLM notes
- Network: No network calls detected, which is normal for most utility packages that don't require internet access.
- Shell: No shell execution patterns detected, indicating the package does not execute system commands, which is typical and safe.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The author has only one package, which could indicate a new or less active account, but there are no other suspicious flags.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository biocpy/spatialfeatureexperiment appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Jayaram Kancherla" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with SpatialFeatureExperiment
Build a simple Python application using the SpatialFeatureExperiment package to demonstrate its core features.