AI Analysis
Final verdict: SUSPICIOUS
The package exhibits significant obfuscation, which may indicate attempts to conceal malicious functionality. However, there are no direct signs of network, shell, or credential risks. The incomplete maintainer profile adds to the suspicion.
- High obfuscation risk
- Incomplete maintainer profile
Per-check LLM notes
- Network: No network calls detected, which is normal unless the package requires external services.
- Shell: No shell execution patterns detected, indicating no immediate risk of command execution.
- Obfuscation: The observed patterns suggest potential obfuscation of code, possibly to hide functionality or logic, which is a common tactic in malicious scripts.
- Credentials: No clear indicators of credential harvesting were detected in the provided code snippets.
- Metadata: The maintainer has an incomplete profile and seems to be new or inactive, which raises some suspicion but not enough to conclusively determine malice.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 10.0
Found 6 obfuscation pattern(s)
- Encode.decode(zlib.decompress(base64.b64decode(data)))[0] def web_loadUserAppState(self, obj, app, use
- Encode.decode(zlib.decompress(base64.b64decode(data)))[0] @authorization(["all"]) def web_listAppS
- Encode.decode(zlib.decompress(base64.b64decode(data[k])))[0]) for k in data} def web_delAppState(self,
- Encode.decode(zlib.decompress(base64.b64decode(result["Value"])))[0] ) shar
- Encode.decode(zlib.decompress(base64.b64decode(data)))[0]) oDesktop["view"] = str(view) oDe
- return DEncode.decode(zlib.decompress(base64.b64decode(data)))[0] def web_loadUserAppState(se
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository DIRACGrid/WebAppDIRAC appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with WebAppDIRAC
Create a web-based monitoring tool for a research institution using the WebAppDIRAC package. This tool will allow researchers and administrators to monitor the status of various computing resources and workflows associated with their projects. The application should include the following core functionalities:
1. **User Authentication**: Implement user authentication to ensure only authorized users can access the system. Users should be able to log in using their institutional credentials.
2. **Resource Monitoring**: Display real-time data about the availability and performance of computing resources such as servers, storage systems, and network infrastructure. This information should be presented in an easy-to-understand format, possibly including graphs and charts.
3. **Workflow Management**: Allow users to view and manage their workflows. This includes starting, stopping, and pausing workflows, as well as viewing workflow logs and statuses.
4. **Alert System**: Set up an alert system that notifies users via email or SMS when there are issues with resources or workflows. Alerts should be customizable based on severity levels.
5. **Custom Dashboards**: Enable users to create custom dashboards that display the information they find most relevant. Users should be able to save these dashboards for future use.
6. **Documentation and Help**: Provide comprehensive documentation and a help section within the application to assist users in understanding how to use the different features effectively.
To achieve these goals, you will utilize the core features of the WebAppDIRAC package, which provides a framework for building web applications that interact with DIRAC software. Specifically, you will leverage WebAppDIRAC’s capabilities to authenticate users, retrieve and display resource and workflow information, and set up alerts. Additionally, you will need to integrate third-party services for sending alerts and possibly for user authentication if WebAppDIRAC does not natively support it. Your task is to design and implement this application from scratch, ensuring it is user-friendly and scalable. Consider best practices in web development, security, and usability throughout the process.