acc-cli

v0.1.4 suspicious
6.0
Medium Risk

ACC-02: Databricks pipeline project scaffolding and build CLI

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks, particularly due to its network calls and potential unintended system operations through shell execution, despite showing no direct signs of malicious activity.

  • High network risk
  • Potential for unintended system operations
Per-check LLM notes
  • Network: The network call to an API endpoint with a token suggests unauthorized data access or exfiltration.
  • Shell: Executing a build command via subprocess might be legitimate but could also indicate the package is performing unintended operations on the system.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows low maintenance effort and lacks a GitHub repository, which raises some concerns but does not strongly indicate malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • reds["token"] resp = requests.get( f"{host}/api/2.0/workspace/list?path=/",
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • ect_root) completed = subprocess.run( [sys.executable, "-m", "build", "--wheel"],
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with acc-cli 
Create a fully-functional mini-application called 'DatabricksPipelineManager' that leverages the 'acc-cli' package to streamline the creation and management of Databricks pipelines. This application should allow users to easily scaffold new pipeline projects, manage dependencies, and build their pipelines efficiently. Here's a detailed breakdown of what your application should do:

1. **Project Initialization**: Users should be able to initialize a new Databricks pipeline project using 'acc-cli'. This includes setting up the necessary directory structure, configuration files, and initial code templates.
2. **Dependency Management**: Implement a feature that allows users to add, remove, or update dependencies within their pipeline project. This could include libraries, frameworks, or other external resources required for the pipeline execution.
3. **Build and Deployment**: Develop a functionality that uses 'acc-cli' to compile the pipeline project and prepare it for deployment on Databricks. This should include packaging the project into a format suitable for Databricks and ensuring all dependencies are correctly included.
4. **Pipeline Execution**: Once built, users should be able to execute their pipeline directly from the application. This involves submitting the pipeline job to Databricks and monitoring its status until completion.
5. **Version Control Integration**: Integrate version control systems (like Git) into the workflow so that changes to the pipeline project can be tracked and managed effectively.
6. **Documentation Generation**: Automatically generate documentation for each pipeline project, detailing the steps involved, dependencies, and any other relevant information.
7. **User Interface**: Design a simple yet intuitive user interface for interacting with the application. This could be a command-line interface (CLI) or a graphical user interface (GUI), depending on your preference.

To achieve these functionalities, you will need to utilize the 'acc-cli' package extensively. For example, use its commands for initializing projects, managing configurations, and building pipelines. Additionally, explore how you can extend or customize 'acc-cli' to better suit the needs of Databricks pipeline management.

This project aims to simplify the process of developing and maintaining Databricks pipelines, making it accessible even to those without extensive experience in Databricks or similar platforms.