a2al

v0.2.7 suspicious
5.0
Medium Risk

Python client for a2al: spawn a2ald and call its REST API (health, agents, resolve, fetch, tunnel, …)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package executes shell commands to spawn a local daemon, indicating potential for unauthorized actions. Despite this, there is no evidence of obfuscation or credential harvesting, and the metadata risk is moderate.

  • High shell risk due to execution of shell commands
  • No signs of obfuscation or credential manipulation

Per-check LLM notes

  • Network: The network calls may be legitimate if the package requires external API services.
  • Shell: Executing shell commands can be risky as it might indicate potential for unauthorized command execution or backdoor functionality.
  • Obfuscation: No obfuscation patterns detected, suggesting low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious activity.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account, but no other red flags are present.

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • try: urllib.request.urlopen(self.api_base + "/health", timeout=1.0)
  • encode("utf-8") req = urllib.request.Request( self.base + path, data=data, headers=he
  • try: with urllib.request.urlopen(req, timeout=timeout) as resp: raw =

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • pi_token self._proc = subprocess.Popen( args, stdout=subprocess.DEVNULL,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository a2al/a2al appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "A2AL Authors" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with a2al

Your task is to develop a simple yet powerful command-line tool using Python, which leverages the 'a2al' package to manage and interact with a2ald services. This tool will provide users with an easy way to perform health checks, manage agents, resolve service endpoints, fetch data, and establish tunnels - all through a user-friendly CLI interface. Here’s a detailed breakdown of your objectives:

1. **Setup**: Begin by installing the necessary packages, including 'a2al'. Ensure your environment is set up correctly.
2. **CLI Development**: Use Python’s argparse module or similar to create a robust CLI that accepts commands and arguments. Commands should include 'health', 'agents', 'resolve', 'fetch', and 'tunnel'. Each command should correspond to specific functionalities provided by the 'a2al' package.
3. **Health Check**: Implement a 'health' command that sends a request to the a2al service to check if it is running properly. Display a clear message indicating whether the service is healthy or not.
4. **Agent Management**: Develop 'agents' functionality that lists all active agents managed by a2al. Additionally, allow adding new agents via the CLI.
5. **Service Resolution**: Create a 'resolve' command that allows users to input a service name and returns its resolved endpoint.
6. **Data Fetching**: Implement 'fetch' command to retrieve specific data from the a2al service based on user input parameters.
7. **Tunnel Establishment**: Lastly, build 'tunnel' functionality enabling users to establish secure tunnels to remote services using a2al.
8. **Error Handling**: Make sure to include comprehensive error handling for each command, providing meaningful feedback to the user when something goes wrong.
9. **Documentation**: Write concise documentation detailing how to install and use your CLI tool effectively.

By completing these steps, you will have created a versatile CLI tool that simplifies interaction with a2al services, enhancing usability and accessibility for developers working with this technology.