acellera-openmmforcefields

v0.16.0 safe
3.0
Low Risk

(No description)

🤖 AI Analysis

Final verdict: SAFE

The package appears to be legitimate with minor concerns about network and shell risks, indicating potential issues with command execution and content integrity but not conclusive evidence of malicious intent.

  • network risk due to urllib usage
  • shell risk from subprocess calls

Per-check LLM notes
  • Network: The use of urllib for downloading files might be legitimate for fetching models or other resources but should be reviewed for the source and integrity of the downloaded content.
  • Shell: Use of subprocess to execute commands could be legitimate depending on the context, but it increases risk of unintended command execution, especially if inputs are not properly sanitized.
  • Obfuscation: The observed pattern does not indicate malicious obfuscation but rather a standard method call within the context of machine learning model evaluation.
  • Credentials: No patterns indicative of credential harvesting or secret storage were detected.
  • Metadata: The maintainer has only one package, and there are several non-HTTPS links which could indicate outdated or insecure practices, but no clear signs of malice.

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • try: urllib.request.urlretrieve(url, filename=temp_filename)
  • name, "model.pt") urllib.request.urlretrieve(url, filename=filename) # Create a n

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • ) self.espaloma_model.eval() # Cache a copy of the OpenMM System generated for

Shell / Subprocess Execution score 10.0

Found 5 shell execution pattern(s)

  • if "acdoctor" in subprocess.getoutput(cmd): supports_acdoctor = True
  • bug(cmd) output = subprocess.getoutput(cmd) import os if not os.path.exist
  • bug(cmd) output = subprocess.getoutput(cmd) if not os.path.exists("out.frcmod"):
  • ust git process = subprocess.Popen( [command] + args, cwd=cwd,
  • ust git process = subprocess.Popen([command] + args, cwd=cwd, env=env,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: choderalab.org

Suspicious Page Links score 10.0

Found 10 suspicious link(s) on the package page

  • Non-HTTPS external link: http://ambermd.org/antechamber/gaff.html
  • Non-HTTPS external link: http://mackerell.umaryland.edu/charmm_ff.shtml
  • Non-HTTPS external link: http://openforcefield.org
  • Non-HTTPS external link: http://docs.openmm.org/latest/userguide/application.html#force-fields
  • Non-HTTPS external link: http://docs.openmm.org/latest/api-python/generated/openmm.app.forcefield.ForceFi
  • Non-HTTPS external link: http://docs.openmm.org/latest/userguide/application.html#adding-residue-template

Git Repository History

Repository choderalab/openmm-forcefields appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Chodera lab // MSKCC" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with acellera-openmmforcefields

Create a mini-application that simulates molecular dynamics using the Acellera OpenMM Force Fields package in Python. This application will allow users to input a molecular structure file (such as PDB or mol2 format) and select from a variety of force fields supported by the package. The application should perform the following steps:

1. **Molecular Structure Input**: Allow users to upload a molecular structure file.
2. **Force Field Selection**: Provide a dropdown menu for selecting different force fields available in the 'acellera-openmmforcefields' package.
3. **Simulation Setup**: Configure simulation parameters such as temperature, time step, and total simulation time.
4. **Run Simulation**: Execute the molecular dynamics simulation using the selected force field and parameters.
5. **Visualization**: Display the results of the simulation, showing the trajectory of atoms over time.
6. **Export Results**: Enable users to export the simulation results in a common format like .dcd or .pdb.

The application should utilize the 'acellera-openmmforcefields' package to load the appropriate force field parameters and integrate them into the simulation setup. Additionally, incorporate error handling to manage issues like unsupported file formats or incorrect parameter settings. Ensure the application is user-friendly and provides clear instructions on each step of the process.