AI Analysis
Final verdict: SUSPICIOUS
The package shows moderate risk due to potential code obfuscation and shell execution, which may indicate unconventional or potentially malicious intent.
- High obfuscation risk due to use of eval()
- Unusual shell execution patterns
Per-check LLM notes
- Network: No network calls detected, indicating low risk for direct data exfiltration or C2.
- Shell: Shell execution patterns suggest the package may be intended to run external programs, which is unusual and requires further investigation into the legitimacy of these operations.
- Obfuscation: The code uses dynamic evaluation with eval(), which is a common obfuscation technique and can be used for malicious purposes.
- Credentials: No direct harvesting of credentials or secrets is observed in the provided code snippets.
- Metadata: The maintainer has only one package, which could indicate a new or less active account, but no other suspicious flags were raised.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 10.0
Found 6 obfuscation pattern(s)
ag + clientMethod state = eval("params." + methodName) try: state = eval(state)odName) try: state = eval(state) except TypeError: pass if state: sparams.metaDataTextSize eval("self." + methodName + "(params)") def writeErrorList(selself.hhints[i] h1 = float(eval(hint[0])) width = float( eval(hint[1])) h2 = h1 + widtl(hint[0])) width = float( eval(hint[1])) h2 = h1 + width if params.rt_hintTableList:self.vhints[i] h1 = float(eval(hint[0])) width = float( eval(hint[1])) h2 = h1 + widt
Shell / Subprocess Execution
score 10.0
Found 6 shell execution pattern(s)
): try: command = subprocess.run([antlr_program], capture_output=True) except (subprocessnot args.dry_run: a = subprocess.run(prog, stdout=subprocess.PIPE, stdt else None try: subprocess.check_call(args, stderr=sup, stdout=sup) return True except""" try: proc = subprocess.Popen(args, stdout=subprocess.PIPEtry: bytes_output = subprocess.check_output(args, stderr=stderr) str_output = bytes_output.decodt=None): try: p = subprocess.Popen(cmd, shell=shell, stdout=subprocess.PIPE,
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: adobe.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository adobe-type-tools/afdko appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Adobe Type team & friends" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with afdko
Develop a Python-based font manipulation tool named 'FontForgeHelper' that leverages the Adobe Font Development Kit for OpenType (AFDKO) to provide advanced capabilities for font designers and developers. This tool will serve as a bridge between Python scripting and AFDKO commands, enabling users to automate various tasks related to font development and analysis.

### Key Features:

1. **Font Conversion**: Users should be able to convert fonts between different formats supported by AFDKO, such as TTF to OTF and vice versa.
2. **Font Validation**: Implement a feature to validate fonts against the latest OpenType specifications using AFDKO’s validation tools. This includes checking for common issues like missing glyphs, incorrect character mappings, and other compliance problems.
3. **Glyph Editing**: Allow basic editing of glyphs within fonts, such as renaming, adding new glyphs, and removing existing ones. This should leverage AFDKO’s glyph manipulation capabilities.
4. **Font Information Extraction**: Provide an interface to extract detailed information about fonts, including metrics, kerning pairs, and other font-specific data.
5. **Custom Scripts**: Enable users to write custom scripts that can interact with AFDKO commands via Python, allowing for more complex font manipulations and analyses.

### How to Utilize AFDKO:

- **Integration**: Use the `afdko` Python package to integrate AFDKO commands into your Python scripts seamlessly. This involves calling AFDKO binaries from within your Python code.
- **Automation**: Automate repetitive tasks by chaining multiple AFDKO commands together in your Python scripts.
- **Error Handling**: Implement robust error handling to manage any issues that arise during the execution of AFDKO commands, ensuring that the user is informed of any errors or warnings.
- **User Interface**: Develop a simple command-line interface (CLI) for interacting with your tool, making it accessible and easy to use for both beginners and experienced font developers.

### Expected Outcome:

By the end of this project, you will have developed a versatile font manipulation tool that not only simplifies the process of working with fonts but also enhances the capabilities of font developers by integrating powerful AFDKO functionalities through a Pythonic interface.