aama

v0.0.0 suspicious
6.0
Medium Risk

Placeholder — see https://github.com/aama-tools/aama

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is assessed as suspicious due to its low version number, placeholder content, and potential typosquatting targeting 'yaml'. The high metadata risk further supports concerns about its legitimacy.

  • Version 0.0.0 and placeholder content
  • Potential typosquatting
  • High metadata risk
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communications.
  • Shell: No shell execution patterns detected, indicating the package likely does not execute system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating secure handling of sensitive information.
  • Metadata: High risk due to suspicious git repository activity and low-quality metadata.
  • Typosquatting target: yaml

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 3.0

Possible typosquat of: yaml

  • "aama" is 2 edit(s) from "yaml"
Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • Single contributor with only 3 commit(s) — possibly throwaway account
  • All 3 commits happened within 24 hours
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Saltymiche" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aama 
Build a simple Python application using the aama package to demonstrate its core features.