YavuzMSA

v0.2.0 suspicious
6.0
Medium Risk

A Multiple Sequence Alignment library implementing the MAFFT algorithm.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no direct signs of malicious intent in terms of network calls, shell execution, or credential harvesting. However, suspicious activity around the git repository and maintainer history raises concerns about potential supply-chain risks.

  • Suspicious metadata risk
  • Lack of detailed package description

Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires network functionality.
  • Shell: No shell execution detected, indicating no immediate risk of command injection or similar attacks.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: Suspicious activity around the git repository and maintainer history suggests potential risk.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags:

  • Repository has zero stars and zero forks
  • Single contributor with only 4 commit(s) — possibly throwaway account
  • All 4 commits happened within 24 hours

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Yavuz Selim Özkan" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.
