AI Analysis
Final verdict: SUSPICIOUS
The package exhibits several indicators that raise concerns about its safety, particularly the high shell execution risk and potential credential harvesting, despite having no apparent obfuscation techniques.
- High shell risk due to potential unsanitized interactions with system tools
- Moderate credential risk suggesting possible sensitive data handling issues
Per-check LLM notes
- Network: The network calls are likely for fetching updates or configuration from a server, which is common but should be monitored.
- Shell: Executing shell commands can be risky if not properly sanitized or controlled, especially when interacting with system-level tools like Docker.
- Obfuscation: No obfuscation patterns detected.
- Credentials: Potential for credential harvesting observed, but could be legitimate interaction with user for sensitive inputs.
- Metadata: The package shows signs of potentially being a new or inactive account with minimal presence, raising suspicion.
Heuristic Checks
Outbound Network Calls
score 4.5
Found 3 network call pattern(s)
- , url_or_text) async with httpx.AsyncClient( timeout=_FETCH_TIMEOUT_SECONDS, follow_redirects=Tr
- try: async with httpx.AsyncClient( base_url=BASE_URL, headers=self._headers, t
- try: async with httpx.AsyncClient( base_url=BASE_URL, timeout=TIMEOUT
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 4.0
Found 2 shell execution pattern(s)
- None: try: out = subprocess.check_output( ["git", "rev-parse", "HEAD"], stderr=subprocess
- args: str) -> int: return subprocess.call(["docker", "compose", "-f", str(_compose_path()), *args])
Credential Harvesting
score 2.5
Found 1 credential access pattern(s)
- {label}{suffix}: " val = getpass.getpass(prompt) if secret else input(prompt) return _sanitize_pr
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 2.5
Git history flags: Repository has zero stars and zero forks
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with aegis-agents
Develop a personalized task management and productivity tool for software developers using the 'aegis-agents' package. This tool should integrate seamlessly into a developer's workflow, offering features such as a job tracker, daily briefings, performance evaluations, and budget tracking. The application should allow users to log their tasks, track progress, receive daily summaries of completed work and upcoming tasks, evaluate their performance against set goals, and manage their time and resources effectively. Utilize the 'aegis-agents' package to implement local-first functionality, ensuring data privacy and efficient offline operation. Additionally, incorporate real-time tracking and notifications to keep users informed about their productivity metrics. The final product should be user-friendly, customizable, and capable of enhancing the overall efficiency and satisfaction of software developers.