AI Analysis
Final verdict: SAFE
The package shows low risk indicators across all categories except for a moderate obfuscation risk due to base64 decoding. The maintainer's metadata is slightly suspicious but not conclusively malicious.
- Moderate obfuscation risk
- Suspicious maintainer metadata
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require external API interactions.
- Shell: No shell execution patterns detected, indicating the package likely does not execute system commands.
- Obfuscation: The presence of base64 decoding suggests some level of obfuscation, but it could be legitimate for data handling purposes.
- Credentials: No patterns indicative of credential harvesting were detected.
- Metadata: The maintainer's author name is missing or very short and appears to be new or inactive, raising some suspicion but not conclusive evidence of malice.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 10.0
Found 5 obfuscation pattern(s)
_body: raw_body = base64.b64decode(raw_body).decode('utf-8') return JsonHelper.decode(rvent, 'body': base64.b64decode(event['body']).decode('utf-8'), 'isBase64Enctry: request = base64.b64decode(self.__body).decode('utf-8') except Exception as err(self): b64_decoded = base64.b64decode(self._record.get('data')).decode('utf-8') return Jso(self): b64_decoded = base64.b64decode(self._record.get('kinesis', {}).get('data')).decode('utf-8')
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com>
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository syngenta/acai-python appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with acai-aws
Create a fully functional mini-application using the 'acai-aws' package to manage a simple inventory system for a small business. This application should allow users to add new items, update existing item information, delete items, and retrieve item details. Additionally, the application should have a feature to trigger an alert via email whenever an item's stock level falls below a predefined threshold. The application should follow these steps: 1. Set up an AWS Lambda function using 'acai-aws' to handle API requests for adding, updating, deleting, and retrieving items from a DynamoDB table. 2. Implement a scheduled event handler that periodically checks the stock levels of all items in the DynamoDB table against a predefined threshold. 3. If any item's stock level is below the threshold, send an email alert to a specified recipient using Amazon SES. 4. Ensure the application is highly configurable and easy to maintain by leveraging the declarative nature of 'acai-aws'. 5. Include documentation on how to deploy and use the application, including setting up the necessary AWS resources such as the DynamoDB table and SES email sending permissions. Suggested Features: - User authentication for accessing the API endpoints. - Integration with Amazon SNS for sending alerts instead of emails. - Support for multiple thresholds per item. - A user-friendly UI for managing the inventory through the API endpoints. How 'acai-aws' is utilized: - Use 'acai-aws' to define and configure the AWS Lambda functions for handling CRUD operations on the inventory items. - Utilize the package's event processing capabilities to set up scheduled jobs for checking stock levels. - Leverage 'acai-aws' to simplify the setup and configuration of AWS resources needed for the application.