AI Analysis
Final verdict: SUSPICIOUS
The package exhibits moderate risk due to its high shell execution risk and network activity, which could potentially be exploited for unauthorized command execution or data exfiltration.
- High shell risk due to command execution capabilities.
- Moderate network risk from sending/receiving JSON data.
Per-check LLM notes
- Network: The use of network calls to send and receive JSON data could be legitimate but requires verification of the intended purpose.
- Shell: Executing commands through the shell can pose significant risks if not properly sanitized or controlled, indicating potential for misuse or exploitation.
- Obfuscation: No obfuscation patterns detected, indicating low risk of code being hidden for malicious purposes.
- Credentials: No credential harvesting patterns detected, suggesting the package does not aim to steal secrets or credentials.
- Metadata: The maintainer has only one package on PyPI, which might indicate a new or less active account.
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
- agent/json" req = urllib.request.Request(url, headers={"Accept": "application/json"})
- tion/json"}) with urllib.request.urlopen(req, timeout=3) as resp: data = json
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 8.0
Found 4 shell execution pattern(s)
- try: result = subprocess.run( cmd, shell=True, capture_output=True, text=
- try: process = subprocess.Popen( command, shell=True,
- ess.run( cmd, shell=True, capture_output=True, text=True, cwd=str(se
- command, shell=True, cwd=str(self.working_dir),
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository andamagodwin/acorn appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Andama Godwin" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with acorn-agent
Create a terminal-based code completion and automation assistant named 'CodeMate' using the Python package 'acorn-agent'. CodeMate aims to enhance developer productivity by providing intelligent code suggestions and automating repetitive tasks within the terminal environment. The app should be designed to integrate seamlessly into any development workflow, offering real-time assistance as developers type their code.
Step-by-Step Guide:
1. Set up a Python virtual environment and install the 'acorn-agent' package.
2. Initialize the 'acorn-agent' within your application to start listening for user input in the terminal.
3. Implement a feature where 'acorn-agent' suggests code completions based on the context of the current line being typed.
4. Develop a command system that allows users to trigger specific actions or scripts directly from the terminal via natural language commands.
5. Add an option for users to customize the behavior of 'acorn-agent', such as setting preferences for which languages or frameworks it supports.
6. Integrate logging functionality to track user interactions and suggestions made by 'acorn-agent', allowing for continuous learning and improvement of its AI capabilities.
7. Ensure that the application is secure and respects user privacy, especially when handling sensitive information or code snippets.
8. Test the application thoroughly across different operating systems and terminal emulators to ensure compatibility and stability.
9. Package the application as a standalone executable or a pip-installable package for easy distribution.
10. Document the installation process, usage instructions, and any customization options available to users.
Suggested Features:
- Real-time code suggestion engine powered by 'acorn-agent'
- Customizable command triggers for automating common tasks
- Support for multiple programming languages and frameworks
- Logging and analytics to improve AI performance over time
- User-friendly interface for managing settings and preferences
- Security measures to protect user data and code
Utilization of 'acorn-agent':
- Use 'acorn-agent' to provide intelligent code suggestions by analyzing the context of the current line and suggesting relevant completions.
- Leverage 'acorn-agent's ability to understand and execute natural language commands to create a powerful command system within the terminal.
- Utilize 'acorn-agent's capabilities for continuous learning to improve the accuracy and relevance of code suggestions over time.