acedeploy

v2.4.342 suspicious
6.0
Medium Risk

Deployment framework for Snowflake DWH

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to network and shell execution activities, with no clear malicious intent identified. However, low maintainer activity and poor metadata quality raise concerns.

  • Moderate network risk
  • High shell risk
  • Low maintainer activity
Per-check LLM notes
  • Network: POST requests to external URLs may indicate data transmission, which could be legitimate but also raises concerns about potential data exfiltration.
  • Shell: Executing scripts via subprocess.run can be risky if the input is not sanitized, potentially allowing for arbitrary code execution.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of low maintainer activity and poor metadata quality, raising some suspicion but not strong evidence of malice.

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • sion=7.0" response = requests.post(url=url, headers=headers, verify=True, json=data) i
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • ct_info() # process = subprocess.run( # ["python", script_path, json.dumps(connection
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: accenture.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with acedeploy 
Build a simple Python application using the acedeploy package to demonstrate its core features.