AI Analysis
Final verdict: SUSPICIOUS
The package shows some signs of potential risk due to shell execution and obfuscation techniques, although no concrete evidence of malicious activity was found. The low activity of the maintainer's account adds to the suspicion.
- presence of shell execution
- use of obfuscation techniques
Per-check LLM notes
- Network: No network calls were detected, which is not inherently suspicious.
- Shell: Shell execution is present, but without additional context it is hard to determine intent. Shell execution in a CLI tool can be legitimate but requires further scrutiny.
- Obfuscation: The use of base64 decoding and splitting strings might indicate an attempt to hide logic or data, but could also be a legitimate use for data processing.
- Credentials: No clear signs of credential harvesting were detected.
- Metadata: The maintainer has a new or inactive account and lacks a proper author name, which could indicate potential issues but does not strongly suggest malice.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
try: blob = base64.b64decode(b_str) receipt_hash = h.split(":")[-1] if ":" in
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
gainst: {impl}") result = subprocess.run(args) raise typer.Exit(code=result.returncode) # SPDX-L
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository aevum-labs/aevum appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with aevum-cli
Create a Python-based utility named 'AevumNodeManager' that leverages the 'aevum-cli' package to manage multiple Aevum nodes simultaneously. This utility should allow users to perform common tasks such as starting, stopping, checking status, and updating nodes with ease. Additionally, it should provide advanced functionalities like monitoring node performance metrics, managing node configurations, and handling node backups and restores. The application should include the following key features:
1. User-friendly CLI interface for interacting with the utility.
2. Ability to add, remove, and list managed Aevum nodes.
3. Commands for starting and stopping individual or all nodes.
4. Node status checks to determine if nodes are running correctly.
5. Automatic updates for nodes when new versions are available.
6. Performance monitoring to track CPU usage, memory consumption, and network activity of each node.
7. Configuration management tools to edit and apply settings to nodes.
8. Backup and restore functionality to save and recover node data.
9. Logging system to record all operations performed on nodes.
To utilize the 'aevum-cli' package effectively, you will need to install it via pip and use its commands and options to interact with Aevum nodes. For example, you can use 'aevum-cli start', 'aevum-cli stop', 'aevum-cli status', etc., within your Python scripts to control the nodes. Make sure to handle errors gracefully and provide informative feedback to the user at every step.