address-to-proxy

v0.1.1 suspicious
5.0
Medium Risk

Resolve postal addresses into proxy account connection details.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to its network and shell execution capabilities, with no evident signs of malicious intent. However, the combination of these risks warrants further scrutiny.

  • network risk from HTTPX client usage
  • shell risk from subprocess calls
Per-check LLM notes
  • Network: The use of HTTPX client indicates the package makes network requests which could be legitimate, but the presence of proxy settings might indicate traffic redirection or bypassing.
  • Shell: Subprocess calls to external scripts and commands can be risky as they may execute arbitrary code, suggesting potential for executing unintended actions.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious credential theft.
  • Metadata: The package shows low effort in metadata and maintainer history, but lacks clear indicators of malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • self.client = client or httpx.Client(timeout=timeout) def parse(self, address: str) -> Parse
  • else: with httpx.Client(proxy=proxy, timeout=self.timeout) as client:
  • self.client = client or httpx.Client(timeout=timeout) self.sid_generator = sid_generator
  • ax_retries=3), client=httpx.Client(transport=httpx.MockTransport(handler)), ) result =
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ROOT / "run.py" result = subprocess.run( [sys.executable, str(script), "resolve", "--help"],
  • .st_mode & 0o111 result = subprocess.run( ["bash", "-n", str(script)], check=False,
  • ys.executable)) result = subprocess.run( [ str(system_python), str(s
  • ROOT / "run.py" result = subprocess.run( [str(script), "resolve", "--help"], check=F
  • ROOT / "run.py" result = subprocess.run( [str(script), "123 Example St,Example City,North Ca
  • ROOT / "run.py" result = subprocess.run( [str(script), "123", "Example", "St,Example City,No
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with address-to-proxy 
Create a mini-application called 'ProxyFinder' that utilizes the Python package 'address-to-proxy' to resolve postal addresses into proxy server connection details. This application will serve as a tool for users who need to quickly find a proxy server based on their location. Here’s a detailed breakdown of what your application should do:

1. **User Interface**: Develop a simple and user-friendly interface where users can input a postal address.
2. **Address Validation**: Implement a feature to validate the entered address using an external API or service to ensure accuracy before proceeding.
3. **Proxy Resolution**: Use the 'address-to-proxy' package to convert the validated address into proxy server connection details. Display these details in a readable format.
4. **Proxy Testing**: Include a functionality that allows users to test the resolved proxy by attempting to connect to a basic web resource like Google.com.
5. **Error Handling**: Ensure robust error handling for scenarios such as invalid addresses, unresponsive proxies, or issues connecting to the validation service.
6. **Logging**: Maintain a log file to keep track of all operations including successful resolutions, failed attempts, and testing outcomes.
7. **Security Measures**: Since dealing with proxy servers might involve sensitive data, ensure proper security measures are in place to protect user inputs and logs.
8. **Documentation**: Provide comprehensive documentation detailing how to install and use the application, along with any prerequisites.

Optional Features:
- **Proxy Rating**: Integrate a rating system where users can rate the performance of the proxy they tested.
- **History Feature**: Allow users to view their past searches and proxy test results.
- **Customizable Connection Settings**: Enable users to adjust settings such as timeout duration and retry counts for proxy connections.
- **Multi-language Support**: Make the application available in multiple languages to cater to a wider audience.

By following these guidelines, you'll create a valuable tool that simplifies the process of finding and validating proxy servers based on geographic location.