AI Analysis
Final verdict: SAFE
The package shows minimal risk indicators with no signs of malicious activity. However, the metadata suggests a possibly new or inactive author which slightly increases uncertainty.
- Low network, shell, obfuscation, and credential risks.
- Missing author name and potential inactivity raise minor concerns.
Per-check LLM notes
- Network: The observed network calls appear to be legitimate API requests, suggesting the package is designed to interact with external services.
- Shell: No shell execution patterns were detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The author's name is missing and they appear to be new or inactive, raising some suspicion but not definitive evidence of malice.
Heuristic Checks
Outbound Network Calls
score 4.5
Found 3 network call pattern(s)
try: response = requests.get(url=url, headers=request_headers, timeout=10) responlity_date} response = requests.get( url=ESIMetaUrl.STATUS.value, headers=headers, tlity_date} response = requests.get( url=ESIMetaUrl.OPENAPI_SPECS.value, headers=hea
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: ppfeufer.de>
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository ppfeufer/aa-esi-status appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with aa-esi-status
Build a simple Python application using the aa-esi-status package to demonstrate its core features.