AI Analysis
Final verdict: SUSPICIOUS
The package is suspicious due to high obfuscation and metadata risks, which may indicate attempts to conceal its true purpose. The network interactions also warrant further investigation.
- High obfuscation risk
- Untraceable repository and new maintainer
Per-check LLM notes
- Network: The package makes POST requests to a specific URL, which could indicate legitimate API interaction but should be reviewed for the nature of the data being sent.
- Shell: No shell execution patterns were detected.
- Obfuscation: The code appears to be obfuscated which could indicate an attempt to hide the true functionality of the code from casual inspection.
- Credentials: No clear patterns for harvesting credentials or secrets were detected.
- Metadata: The package shows several red flags including an untraceable repository and a new, possibly inactive maintainer with limited history.
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
) post_calls = m.requests.get(("POST", f"{TEST_BASE_URL}/sdk/v1/ads/fetch")) a: self._session = aiohttp.ClientSession(timeout=self._timeout) return self._session def
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
lf._device) model.eval() return model loop = asyncio.get_event
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 3.0
Repository not found (deleted or private)
Repository not found (deleted or private)
Maintainer History
score 6.0
3 maintainer concern(s) found
Only one version has ever been released — brand new packageAuthor name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with adtext
Create a mini-advertising campaign management tool using the 'adtext' Python package. This tool will allow users to manage their advertising campaigns by uploading ad content, scheduling ad delivery, and tracking performance metrics. Here’s a detailed plan on how to build it: 1. **Setup Project Environment**: Begin by setting up your Python development environment and installing the 'adtext' package along with other necessary libraries such as pandas for data manipulation and matplotlib for visualization. 2. **User Interface Design**: Develop a simple command-line interface (CLI) where users can interact with the tool. The CLI should have commands for adding new ads, scheduling them, and viewing campaign analytics. 3. **Ad Content Management**: Implement functionality to upload ad content through the CLI. Users should be able to provide ad details such as title, description, image URLs, and target audience demographics. 4. **Scheduling Mechanism**: Utilize 'adtext' to schedule when these ads should be delivered. This involves setting start and end dates/times for each ad campaign and ensuring that the 'adtext' package is properly configured to handle scheduled deliveries. 5. **Performance Tracking**: After ads are delivered, use 'adtext' to gather performance metrics like click-through rates, impressions, and conversion rates. Integrate this data into the tool so that users can view real-time analytics about their campaigns. 6. **Reporting and Visualization**: Finally, implement a feature to generate reports and visualizations based on the collected data. Use matplotlib to create graphs showing trends in performance over time and to compare different campaigns against each other. By following these steps, you'll create a powerful yet user-friendly tool that leverages the capabilities of the 'adtext' package to manage and optimize advertising campaigns.