acc-fwu

v0.4.0 suspicious
5.0
Medium Risk

A tool to update Linode/ACC firewall rules with your current IP address.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate level of risk due to its network activities and the maintainer's limited history with PyPI.

  • Network risk due to external URL interactions
  • Low activity from the maintainer on PyPI
Per-check LLM notes
  • Network: The package makes network calls to various URLs which could indicate legitimate functionality but also raises concerns about potential unauthorized data access or exfiltration.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity related to code obfuscation.
  • Credentials: No credential harvesting patterns detected, suggesting the package is not engaging in suspicious behavior regarding secret or credential handling.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • hile True: response = requests.get( LINODE_DATABASES_LIST_URL, headers=
  • uth_headers() response = requests.put( f"{LINODE_DATABASES_BASE_URL}/{engine}/instances/{d
  • fails. """ response = requests.get( "https://api.ipify.org?format=json", timeou
  • hile True: response = requests.get( "https://api.linode.com/v4/networking/firewalls
  • existing rules response = requests.get( f"https://api.linode.com/v4/networking/firewalls/{f
  • filtered list response = requests.put( f"https://api.linode.com/v4/networking/firewalls/{f
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: bradshaw.cloud

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository johnybradshaw/acc-firewall_updater appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "John Bradshaw" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with acc-fwu 
Build a simple Python application using the acc-fwu package to demonstrate its core features.