TD2

v1.1.0 suspicious
4.0
Medium Risk

A tool to find protein coding ORFs

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows potential signs of typosquatting and has high shell execution risks, which could indicate malicious intent. However, there are no direct indications of actual malicious activities.

  • Potential typosquatting targeting 'tqdm'
  • High risk of shell execution potentially allowing arbitrary command execution
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package is expected to communicate externally.
  • Shell: Shell execution patterns suggest potential for executing arbitrary commands, which could be used for malicious purposes if not properly sanitized or controlled.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets and credentials.
  • Metadata: Potential typosquatting and suspicious non-HTTPS link raise concerns.
  • Typosquatting target: tqdm

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • "] #result_psauron = subprocess.run(command_psauron, capture_output=False, text=True, stderr=sub
  • LL) result_psauron = subprocess.run(command_psauron, capture_output=False, text=True, env=env)
  • s"] result_psauron = subprocess.run(command_psauron, capture_output=True, text=True, env=env)
  • rfs-only", ] result = subprocess.run(cmd, capture_output=True, text=True, check=False) if res
  • default parameters. rc = subprocess.run( [sys.executable, "-m", "TD2.LongOrfs", "-t", str(fa
  • ron` CLI internally. rc = subprocess.run( [sys.executable, "-m", "TD2.Predict", "-t", str(fas
Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 9.0

Possible typosquat of: tqdm, cdk, tox

  • "TD2" is 2 edit(s) from "tqdm"
  • "TD2" is 2 edit(s) from "cdk"
  • "TD2" is 2 edit(s) from "tox"
Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://bioconda.github.io/recipes/td2/README.html
Git Repository History

Repository Markusjsommer/TD2 appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "markus" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with TD2 
Create a command-line tool using Python that helps biologists identify potential protein-coding regions in DNA sequences. This tool will leverage the 'TD2' package, which specializes in finding Open Reading Frames (ORFs) within DNA sequences. Your application should accept FASTA formatted DNA sequences as input and output a list of identified ORFs along with their start and end positions and frame information. Additionally, consider implementing the following features:

1. An option to filter ORFs based on minimum length.
2. Support for multiple reading frames.
3. Ability to handle both forward and reverse complement strands.
4. Output results in a user-friendly format, such as a CSV file or a simple HTML report.
5. Include a brief summary of the number of ORFs found and their lengths.
6. Provide usage instructions and examples when the help flag (-h) is invoked.

Your task is to design the architecture of the tool, integrate the 'TD2' package effectively, and ensure the application is robust, easy to use, and well-documented.