AI Analysis
Final verdict: SUSPICIOUS
The package exhibits a moderate level of risk due to its network and shell execution behaviors, which could indicate potential malicious activities. However, there is no concrete evidence of credential harvesting or severe malice.
- network calls suggest possible data exfiltration
- execution of system commands poses risk for unauthorized access
Per-check LLM notes
- Network: The network call pattern suggests the package might be making external requests, which could potentially be for legitimate purposes but also raises concerns about data exfiltration.
- Shell: The shell execution patterns indicate that the package is executing system commands, which can be risky as it may allow for unauthorized access or command execution, suggesting potential backdoor activities.
- Obfuscation: Base64 decoding is commonly used for obfuscation but can also be legitimate for various purposes such as handling encoded strings in configuration files.
- Credentials: No clear evidence of credential harvesting patterns detected.
- Metadata: The package shows low maintenance effort and contains non-secure links, raising some concerns but not strong evidence of malice.
Heuristic Checks
Outbound Network Calls
score 1.5
Found 1 network call pattern(s)
URL.""" try: with urllib.request.urlopen(url, timeout=10) as resp: return resp.re
Code Obfuscation
score 10.0
Found 6 obfuscation pattern(s)
- license_payload = base64.b64decode(b64_license).decode("utf-8") logger.debu
- try: data = base64.b64decode(pro_b64) except Exception: return None
- kid_bytes = base64.b64decode(kid_b64) if len(kid_bytes) == 16:
- kid_bytes = base64.b64decode(kid_b64 + "==") if len(kid_bytes) >=
- license_bytes = base64.b64decode(resp_json["widevineLicense"]["license"])
- license_bytes = base64.b64decode(resp_json["license"]) else:
Shell / Subprocess Execution
score 10.0
Found 6 shell execution pattern(s)
- cmd(cmd)}") result = subprocess.run(cmd, capture_output=True, text=True, timeout=180) if
- join(cmd)}") result = subprocess.run(cmd, capture_output=True, timeout=15) raw = result.s
- [] try: process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=Tr
- try: proc = subprocess.run([ get_ffmpeg_path(), "-y", "-hide_banner
- e try: process = subprocess.Popen( ffmpeg_command, stdout=subprocess.P
- son', file_path] with subprocess.Popen(ffprobe_cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
score 6.0
Found 3 suspicious link(s) on the package page
- Non-HTTPS external link: http://sonarr:8989
- Non-HTTPS external link: http://radarr:7878
- Non-HTTPS external link: http://192.168.1.100:9000
Git Repository History
Repository AstraeLabs/VibraVid appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author "Arrowar" appears to have only 1 package on PyPI (new or inactive account)
- Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with VibraVid
Create a Python-based mini-application named 'StreamSaver' that allows users to easily download their favorite video content from popular streaming platforms using the 'VibraVid' package. This application should have a user-friendly command-line interface (CLI) that guides users through the process of selecting the platform, entering login credentials (if required), choosing the video(s) they wish to download, and initiating the download process. Additionally, the app should include options for downloading subtitles if available and the ability to specify the desired video quality. Here's a detailed breakdown of the steps and features you should consider implementing:

1. **Application Setup**: Initialize your project with a virtual environment and install necessary packages including 'VibraVid'. Ensure all dependencies are listed in a requirements.txt file.
2. **Authentication**: Implement a secure way to handle user authentication for different streaming platforms. Use OAuth2 for authorization where applicable.
3. **Platform Selection**: Provide a CLI menu that lists supported streaming platforms and allows users to select one.
4. **Video Search & Selection**: Once the platform is chosen, allow users to search for videos based on keywords or browse categories. Display a list of results with relevant details like title, description, thumbnail, and available qualities.
5. **Download Options**: Allow users to choose video quality and subtitle options. If possible, provide a preview function to let users check the video before starting the download.
6. **Downloading Process**: Implement a robust mechanism to handle downloads, showing progress and estimated time remaining. Include error handling to manage issues like connection loss or unsupported formats.
7. **Post-Processing**: After successful downloads, offer users the option to organize files into folders based on the platform or other criteria.
8. **User Interface Enhancements**: Make sure the CLI is responsive and provides clear instructions at each step. Consider adding color-coding and emojis for better readability.
9. **Documentation**: Write comprehensive documentation that includes installation instructions, usage examples, and troubleshooting tips.

This project will not only serve as a useful tool for content enthusiasts but also as an educational exercise in Python programming, handling APIs, and working with third-party libraries.