academy-py

v0.5.0 suspicious
6.0
Medium Risk

Build and deploy stateful agents across federated resources.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate level of suspicion due to its use of potentially risky practices such as base64 decoding and pickle loading, which can be exploited for malicious activities.

  • High obfuscation risk through base64 decoding and pickle loading
  • New maintainer with only one package
Per-check LLM notes
  • Network: The package makes network calls which could be legitimate for API interactions, but the use of raw sockets and lack of clear purpose suggests potential risk.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: The use of base64 decoding followed by pickle loading suggests an attempt to obfuscate data processing, which may be used for malicious purposes such as executing arbitrary code.
  • Credentials: No direct evidence of credential harvesting is found, but the presence of suspicious patterns warrants further investigation.
  • Metadata: The maintainer has only one package, suggesting a new or less active account, which may warrant further investigation.

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • rf_counter() with socket.create_connection((host, port), timeout=timeout): break
  • return [] response = requests.get( url='https://groups.api.globus.org/v2/groups/my
  • nt_timeout session = aiohttp.ClientSession( connector=aiohttp.TCPConnector(ssl=ssl_verify),
Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • " return pickle.loads(base64.b64decode(data)) class SerializationStrategy(str, Enum): """Enum
  • alize data.""" return pickle.loads(base64.b64decode(data)) class SerializationStrategy(str, E
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository academy-agents/academy appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Globus Labs" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with academy-py 
Create a distributed educational content recommendation system using the 'academy-py' package. This system will recommend personalized educational content based on user preferences and learning history, utilizing stateful agents deployed across multiple federated resources to enhance scalability and performance.

Step 1: Define User Profiles
- Each user profile should include basic information such as age, preferred subjects, learning style (visual, auditory, reading/writing, kinesthetic), and past interactions with educational content.

Step 2: Content Catalog Management
- Develop a catalog of educational content including videos, articles, quizzes, and interactive simulations. Each piece of content should have metadata such as subject, difficulty level, duration, and type of media.

Step 3: Implement Stateful Agents
- Use 'academy-py' to create and manage stateful agents that monitor user profiles and content consumption patterns. These agents should adapt their recommendations over time based on feedback from users and changes in user behavior.

Step 4: Federated Learning Integration
- Deploy these agents across multiple federated resources to ensure the system can scale effectively. This setup should allow for real-time updates to recommendations without compromising on data privacy or security.

Suggested Features:
- Personalized Content Recommendations: Tailor recommendations based on user profiles and past interactions.
- Adaptive Learning Paths: Automatically adjust learning paths based on user progress and engagement levels.
- Feedback Loop: Allow users to rate the relevance and quality of recommended content, which feeds back into improving future recommendations.
- Cross-Device Consistency: Ensure user profiles and learning progress are consistent across different devices and platforms.

Utilizing 'academy-py':
- Leverage the 'academy-py' package to handle the deployment and management of stateful agents responsible for analyzing user data and making recommendations. This includes setting up the necessary infrastructure for federated learning, ensuring seamless communication between agents, and managing the lifecycle of these agents to optimize performance and reliability.