AI Analysis
Final verdict: SUSPICIOUS
The package shows low risks in most categories but raises concerns due to the maintainer's new account and missing metadata.
- New maintainer account
- Lack of package classifiers
Per-check LLM notes
- Network: The observed network call patterns are typical for packages that interact with web services, but further investigation is needed to ensure legitimacy of the URLs and purposes of the calls.
- Shell: No shell execution patterns detected, which is normal and indicates no immediate signs of malicious shell command execution.
- Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
- Credentials: No credential harvesting patterns detected, suggesting no risk of secret theft.
- Metadata: The maintainer's new account and lack of classifiers suggest low effort, raising some suspicion.
Heuristic Checks
Outbound Network Calls
score 9.0
Found 6 network call pattern(s)
- self._session = requests.Session() self._session.headers.update({"Accept": "applicati
- try: response = requests.get(self.url) response.raise_for_status()
- try: response = requests.get(self.url) response.raise_for_status()
- ) self._session = requests.Session() self._session.headers.update({"Accept": "applicati
- "TONUSDT"} res = requests.get(self.url_binance, params=params) return float(res
- on" latest_version = requests.get(url).json()["info"]["version"] if current_version !
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com
Suspicious Page Links
score 2.0
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://...
Git Repository History
Repository DevZ44d/Tonviewer appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author "AhMed" appears to have only 1 package on PyPI (new or inactive account)
- Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with Tonviewer
Create a fully-functional mini-application that leverages the Tonviewer package to interact with the TON blockchain. This application should allow users to perform various operations such as querying account information, viewing transaction history, and monitoring smart contracts on the TON network. Here are the detailed steps and features your application should include:
1. **Setup**: Begin by installing the Tonviewer package using pip. Ensure you have a basic understanding of the TON blockchain and its architecture.
2. **User Interface**: Develop a simple command-line interface (CLI) or a web-based front-end where users can input their queries.
3. **Account Information**: Implement a feature that allows users to query account details such as balance, last updated block, and other relevant information.
4. **Transaction History**: Enable users to view transaction history for a specific account or address. This should include details like transaction ID, amount transferred, and timestamp.
5. **Smart Contract Monitoring**: Provide functionality to monitor specific smart contracts deployed on the TON network. Users should be able to receive notifications about contract updates, function calls, or any changes in state.
6. **Security Features**: Integrate security measures such as rate limiting and authentication to prevent unauthorized access and abuse.
7. **Documentation**: Write comprehensive documentation explaining how to use the application, including examples and best practices for interacting with the TON blockchain through Tonviewer.
Throughout the development process, utilize the core functionalities of the Tonviewer package to ensure efficient and reliable interactions with the TON blockchain. Your goal is to create a user-friendly yet powerful tool that showcases the capabilities of Tonviewer in a practical setting.