AI Analysis
Final verdict: SUSPICIOUS
The package shows low risk for network usage, shell execution, obfuscation, and credential harvesting. However, a suspicious non-HTTPS link and a new maintainer account raise concerns about a potential supply-chain attack.
- Suspicious non-HTTPS link
- New maintainer account
Per-check LLM notes
- Network: No network calls detected, which is normal for a package focused on local file processing.
- Shell: No shell execution detected, indicating the package does not attempt to execute external commands.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: Suspicious non-HTTPS link and new maintainer account suggest potential risk.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: alchimiedatasolutions.com
Suspicious Page Links
score 2.0
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://www.alchimiedatasolutions.com
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "antoineducoulombier" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with ads-facturx
Create a Python-based mini-application called 'InvoiceGenerator' that utilizes the 'ads-facturx' package to generate, validate, and assemble electronic invoices following the Factur-X/EN 16931 standard. The application should have a user-friendly command-line interface (CLI) where users can input necessary invoice details such as buyer and seller information, items being invoiced, quantities, prices, and tax details. After gathering these inputs, the application will use the 'ads-facturx' package to create a compliant Factur-X invoice file. Additionally, the application should offer a feature to validate the generated invoice against the Factur-X standard before finalizing it. Once validated, the application should provide options to either save the invoice as a PDF or XML file, or to send it directly via email. Suggested advanced features include integration with a cloud storage service like AWS S3 for storing the generated invoices and a report generation feature to track all invoices created through the application.