aabd

v0.4.9 suspicious
6.0
Medium Risk

wdx tools

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several concerning behaviors including frequent base64 decoding, potential data exfiltration via network calls, and questionable metadata. While there is no definitive evidence of malicious intent, these indicators suggest a need for caution.

  • High obfuscation risk through base64 decoding
  • Potential network data exfiltration
  • Lack of maintainer information and single associated package
Per-check LLM notes
  • Network: The network calls suggest the package performs HTTP requests which could be benign but warrant scrutiny to ensure they do not lead to data exfiltration.
  • Shell: The use of shell commands may indicate legitimate functionality, such as querying GPU details, but needs further investigation to confirm its purpose and legitimacy.
  • Obfuscation: The code uses base64 decoding frequently, which could be an attempt to obfuscate the actual functionality of the code.
  • Credentials: No clear patterns indicating credential harvesting were found.
  • Metadata: The package shows some red flags such as lack of maintainer information and a single associated package, which may indicate potential risk.

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • p', 'https'): resp = urllib.request.urlopen(path_str) img_array = np.frombuffer(resp.re
  • try: response = requests.head(url, timeout=timeout) file_size = int(response.
  • g_size}-"} req = requests.get(url, headers=headers, stream=True, timeout=timeout)
  • else: target = requests.get(source).content if target_image_format is not None:
  • try: response = requests.get(data) response.raise_for_status()
⚠ Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

  • else: target = base64.b64decode(source) if target_image_format is not None:
  • e64_header(image) image = base64.b64decode(image) image = io.BytesIO(image) image = ImageUtil.o
  • return 'base64' base64.b64decode(data) return 'base64' except:
  • try: img_data = base64.b64decode(data) except: raise ValueError("ζ— ζ•ˆηš„ Ba
  • f.device) self.model.eval() def predict(self, image): if isinstance(im
⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • port subprocess result = subprocess.run(['nvidia-smi', '--query-gpu=name', '--format=csv,noheader'],
  • , output_path]) result = subprocess.run(cmd, capture_output=True, text=True, encoding="utf-8", error
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: 163.com>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

No GitHub repository linked

  • No GitHub repository link found
⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with aabd 
Your task is to create a simple yet useful command-line tool using the 'aabd' package, which is a collection of utility functions developed by wdx. This tool will serve as a personal finance tracker that allows users to manage their income and expenses efficiently. Here’s a detailed plan on how to approach this project:

1. **Setup**: Begin by installing the 'aabd' package if it isn't already available. Make sure you understand its core functionalities and how they can be applied to the finance tracking application.
2. **Feature List**:
   - Ability to add new transactions (income or expense) with date, amount, and description.
   - A feature to categorize transactions into predefined categories like 'Food', 'Transport', etc.
   - Option to view transaction history with filters based on date range or category.
   - Calculation of total income, total expenses, and net balance.
3. **Implementation**:
   - Utilize 'aabd' for any utility tasks such as data validation, file handling, or any other operations that simplify the development process.
4. **User Interface**: Design a clean and intuitive CLI interface where users can easily interact with the application through commands.
5. **Testing**: Ensure all features work as expected by testing them thoroughly.
6. **Documentation**: Provide clear documentation on how to install and use the application, including examples of common tasks.

This project aims not only to demonstrate your ability to utilize the 'aabd' package effectively but also to showcase your skills in developing user-friendly applications. Remember, the goal is to make the finance tracker both functional and easy to use.