ado-dashboard

v0.3.0 suspicious
5.0
Medium Risk

Interactive terminal dashboard for Azure DevOps PRs and work items

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risks due to its shell interaction patterns and limited maintainer history, though there are no direct signs of malicious activities like obfuscation or credential harvesting.

  • Shell risk due to potential interaction with Git and Azure CLI
  • Limited maintainer history and community engagement
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package relies on external services.
  • Shell: Shell execution patterns suggest the package may be interacting with Git and Azure CLI tools, which could be legitimate if related to versioning or user management, but requires further investigation into package functionality.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious credential theft.
  • Metadata: The package is new with limited maintainer history and no community engagement, indicating potential risk.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

  • """ try: result = subprocess.run( ["git", "describe", "--tags", "--always", "--di
  • ession.id]) try: subprocess.Popen(cmd) # noqa: S603 — fire-and-forget except OSError as e
  • """ try: result = subprocess.run( ["az", "account", "show", "--query", "user.name
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "ado-dashboard contributors" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ado-dashboard 
Develop a mini-application called 'DevOpsInsight' using the Python package 'ado-dashboard'. This application will serve as a real-time monitoring tool for developers and project managers to track their Azure DevOps Pull Requests (PRs) and work items directly from their command line interface. The application should be interactive, allowing users to navigate through different sections of their projects and view detailed information about PRs and work items without needing to switch to a web browser.

### Core Features:
1. **Dashboard Overview**: Display a high-level overview of all open PRs and work items across multiple projects.
2. **Detailed View**: Allow users to drill down into specific PRs or work items to see detailed information such as description, comments, assignees, and links to related issues.
3. **Interactive Navigation**: Provide navigation options within the terminal to switch between different projects, PRs, and work items.
4. **Real-Time Updates**: Implement a feature to periodically refresh data to ensure that the information displayed is up-to-date.
5. **Customizable Filters**: Enable users to filter PRs and work items based on criteria such as status, priority, and assignee.
6. **Export Functionality**: Offer the ability to export selected PRs or work items to a CSV file for further analysis.

### Utilization of 'ado-dashboard':
- Use the 'ado-dashboard' package to create the interactive terminal UI for displaying and navigating through PRs and work items.
- Leverage its API to fetch data from Azure DevOps and update the dashboard dynamically.
- Integrate its interactive features to allow users to interact with the dashboard via keyboard inputs or commands.

### Step-by-Step Development Plan:
1. Set up the development environment with necessary libraries including 'ado-dashboard'.
2. Define the structure of your application, focusing on the main menu and sub-menus for different functionalities.
3. Implement the dashboard overview function, fetching and displaying data from Azure DevOps using 'ado-dashboard'.
4. Develop the detailed view functionality, ensuring that it provides comprehensive details about each PR and work item.
5. Add interactive navigation capabilities to allow users to move between different sections of the application.
6. Implement real-time updates to keep the dashboard current.
7. Create customizable filters to help users focus on specific PRs and work items.
8. Include export functionality to enable users to save data for offline review.
9. Test the application thoroughly to ensure all features work as expected.
10. Deploy the application and document its usage for other team members.