adauto

v0.5.8 suspicious
6.0
Medium Risk

Developer marketing automation — pulse scanning, ethics filter, multi-platform posting

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits elevated risks due to its network and shell execution behaviors, suggesting potential for unauthorized actions. While there is no definitive proof of malicious intent, the combination of these factors raises concerns.

  • High network and shell execution risks
  • Potential for hidden functionality due to obfuscation

Per-check LLM notes

  • Network: The network calls suggest external communication which could be for legitimate purposes but may also indicate data exfiltration or C2 activity.
  • Shell: The shell execution patterns include running external commands and scripts, which can be risky if not properly sanitized or controlled, potentially leading to arbitrary code execution.
  • Obfuscation: The presence of obfuscated patterns related to LLM backends suggests potential for hidden functionality, possibly for unauthorized API calls or other malicious activities.
  • Credentials: No clear evidence of credential harvesting, but the obfuscation could hide such functionality.
  • Metadata: The package shows some red flags but no clear signs of being malicious or part of a supply-chain attack.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • ": 2}).encode() req = urllib.request.Request( ds_url.rstrip("/") + "/eval", data=body
  • POST", ) with urllib.request.urlopen(req, timeout=timeout) as r: answer = jso
  • llib.request try: urllib.request.urlopen(url, timeout=timeout) return True except
  • request try: with urllib.request.urlopen(_ds_base_url() + "/devices", timeout=1.5) as r:

Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • LLM backend: 1. deepstrain /eval (if reachable — richest context, uses your BYOK) 2. Direct
  • gnal 2. Try deepstrain /eval (if reachable) 3. Fallback: direct OpenAI-compat / Anth

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • }") try: result = subprocess.run( [vhs_bin, str(tape_path), "-o", str(out_gif)],
  • -> str: try: r = subprocess.run(["git", "-C", str(root), "remote", "get-url", "origin"],
  • install") return subprocess.Popen(["wscript.exe", str(vbs)]) print("[service] started")
  • def _win_stop() -> None: subprocess.run( ["powershell", "-Command", f"Get-Process -
  • tatus() -> None: result = subprocess.run( ["powershell", "-Command", "Get-Process py
  • y=default.target\n" ) subprocess.run(["systemctl", "--user", "daemon-reload"]) subprocess.run

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://127.0.0.1:8766/ui

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with adauto
Create a social media content management tool using the Python package 'adauto'. This tool will help users automate their social media presence by scanning for trending topics, filtering content based on ethical guidelines, and scheduling posts across multiple platforms. Here’s a detailed breakdown of the project requirements:

1. **User Interface**: Develop a simple yet intuitive command-line interface (CLI) that allows users to interact with the tool easily.
2. **Trending Topic Scanner**: Utilize adauto's pulse scanning feature to fetch trending topics from various sources such as Twitter, Reddit, and Hacker News. Display these topics in a user-friendly format within the CLI.
3. **Ethics Filter**: Implement an ethics filter using adauto's built-in capabilities to ensure that any content suggested for posting adheres to predefined ethical standards. Users should be able to customize these standards according to their preferences.
4. **Multi-Platform Posting**: Integrate support for at least three major social media platforms (e.g., Twitter, Facebook, LinkedIn). Use adauto's multi-platform posting functionality to schedule posts directly from the CLI.
5. **Content Scheduling**: Allow users to schedule posts for specific times or dates. Ensure that the tool respects platform-specific rules regarding post frequency and timing.
6. **Analytics Dashboard**: Provide basic analytics on the performance of scheduled posts, including reach, engagement metrics, and any other relevant data provided by the platforms.
7. **Customization Options**: Enable users to configure the tool according to their needs, such as setting up custom filters, adjusting posting intervals, and specifying preferred platforms.

By completing this project, you will gain hands-on experience with the adauto package and learn how to integrate its powerful features into a practical application. This tool can serve as a valuable asset for developers looking to streamline their social media marketing efforts.