academic-refchecker

v3.0.144 suspicious
5.0
Medium Risk

A comprehensive tool for validating reference accuracy in academic papers

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has moderate risk due to its network and shell execution capabilities, which could be exploited for malicious purposes. However, there is no clear evidence of malicious intent.

  • network calls to external APIs
  • execution of external commands
Per-check LLM notes
  • Network: Network calls to external APIs may be for legitimate purposes like service integration, but the use of API keys suggests potential for unauthorized access if compromised.
  • Shell: Execution of external commands and processes, including stopping services and converting PDFs to text, could indicate functionality intended for the package's purpose but also poses risks if misused for harmful actions.
  • Obfuscation: The code shows signs of obfuscation which may indicate an attempt to hide logic or make reverse engineering difficult, but it's not conclusive without further context.
  • Credentials: No clear patterns of credential harvesting are detected.
  • Metadata: The author has a missing or very short name and appears to be new or inactive, which raises some concern.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • s, body: str): resp = requests.post( _PANGRAM_URL, headers={"x-api-key": self.api_ke
  • s, body: str): resp = requests.post( _GPTZERO_URL, headers={"x-api-key": self.api_ke
  • None): self.session = requests.Session() self.session.headers.update({ 'Accept'
  • wait() response = requests.get(url, timeout=self.timeout) response.raise_for_st
  • response = requests.get(endpoint, headers=self.headers, params=params, timeout=30)
  • y) response = requests.get(endpoint, headers=self.headers, params=params, timeout=30)
Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • = None self._std.eval() num_labels = int(getattr(self._std.config, "nu
  • ) self.model.eval() self._std = None def score(self, text: st
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • on the port try: subprocess.run(["pkill", "-f", "vllm.entrypoints.openai.api_server"],
  • evnull: process = subprocess.Popen( cmd, env=clean_env,
  • e streaming process = subprocess.Popen( cmd, env=clean_env, sta
  • name result = subprocess.run(['pdftotext', pdf_path, '-'], capture_output=True, text=True
  • name result = subprocess.run(['pdftotext', tmp_path, '-'], capture_output=True, text=True
  • containing "vllm" subprocess.run(["pkill", "-f", "vllm.entrypoints.openai.api_server"], timeo
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: hotmail.com>

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://**`,
Git Repository History

Repository markrussinovich/refchecker appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with academic-refchecker 
Create a fully-functional mini-application named 'RefCheckPro' using Python's 'academic-refchecker' package. This application will serve as a powerful tool for researchers and students to validate the accuracy of references within their academic papers. The application should have a user-friendly interface that allows users to either upload a PDF file or paste the text content of their document into the app. Upon submission, the app should automatically analyze the references provided, checking for citation format consistency, missing references, and potential inaccuracies such as broken links or incorrect citations.

Core Features:
1. Upload/Paste Document: Users can either upload a PDF file or paste the text content of their document directly into the app.
2. Automatic Reference Analysis: The application will use the 'academic-refchecker' package to analyze the references within the document.
3. Error Detection: Identify inconsistencies in citation formats, missing references, and potential inaccuracies.
4. Detailed Report Generation: After analysis, generate a detailed report highlighting all detected errors and suggestions for corrections.
5. User Interface: Develop a simple yet effective web-based interface using Flask or Django for the front-end.
6. Documentation: Provide comprehensive documentation explaining how to install and use the application.
7. Integration Testing: Ensure the application works seamlessly with various citation styles including APA, MLA, Chicago, etc.

The 'academic-refchecker' package will be utilized throughout the reference validation process, from parsing the document to identifying and reporting errors. It's essential that the application leverages the full capabilities of the package to provide accurate and reliable results.