activity-finder

v0.1.2 suspicious
4.0
Medium Risk

Resolve Android app labels to launch activities via adb and aapt

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is rated as suspicious due to its moderate shell execution risk and low maintenance activity, which may suggest potential misuse or outdated practices.

  • Moderate shell execution risk
  • Low maintenance and engagement
Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Shell execution patterns observed may be related to Android APK analysis and manipulation, which could be legitimate for an 'activity-finder' tool but also indicates potential risk if used for unauthorized operations.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows low maintenance and engagement signs, which could indicate potential risk.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • try: output = subprocess.check_output( ["adb", "shell", "pm", "path", package_name
  • l_path: str) -> None: subprocess.check_call( ["adb", "pull", remote_path, local_path],
  • try: result = subprocess.run( [self.aapt, "dump", "badging", apk_path],
  • try: output = subprocess.check_output( ["adb", "shell", "cmd", "package", "resolve
  • try: packages = subprocess.check_output( ["adb", "shell", "pm", "list", "packages"],
  • try: output = subprocess.check_output( ["adb", "shell", "pm", "list", "packages"],
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with activity-finder 
Create a command-line utility called 'ActivityLauncher' using Python that leverages the 'activity-finder' package to identify and launch specific activities within an installed Android application. This utility should allow users to input the name of an Android application and specify which activity they wish to launch, based on the app's label. Here are the steps and features your project should include:

1. **Setup**: Begin by installing the necessary packages, including 'activity-finder', 'adb', and any other dependencies required for interfacing with Android devices.
2. **Device Connection**: Ensure the utility can detect and connect to attached Android devices over USB or through IP addresses if the device is connected over Wi-Fi.
3. **App Identification**: Allow users to enter the package name of the Android application they want to interact with. The utility should then use 'activity-finder' to scan the application and retrieve a list of all available activities along with their corresponding labels.
4. **Activity Selection**: Display the retrieved activities in a user-friendly manner, allowing the user to select which activity they wish to launch based on its label.
5. **Launch Activity**: Once an activity is selected, the utility should use 'adb' commands to launch the specified activity within the application.
6. **Error Handling**: Implement robust error handling to manage scenarios such as invalid package names, missing permissions, or issues connecting to the device.
7. **Logging**: Provide logging functionality to record actions taken, errors encountered, and any useful information about the activities found or launched.
8. **User Interface**: Although primarily command-line based, consider adding basic command-line interface (CLI) enhancements like colored text, progress bars, or simple menu options to improve user interaction.
9. **Documentation**: Finally, create comprehensive documentation detailing how to install and use the utility, including examples and best practices for interacting with different types of Android applications.