agenlus-hub

v0.2.7 suspicious
6.0
Medium Risk

Python client for Agenlus model upload pipeline.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risk, primarily due to network and metadata risks. While no direct malicious activities are evident, the combination of potential data exfiltration through network calls and suspicious metadata indicators raises concerns.

  • network risk due to external URL calls
  • high metadata risk due to recent repository creation and low activity
Per-check LLM notes
  • Network: Network calls to external URLs with conditional checks on HTTP status codes may indicate legitimate functionality but could also suggest data exfiltration or communication with unauthorized servers.
  • Shell: No shell execution patterns detected, suggesting low risk for direct system command injection.
  • Obfuscation: The code shows signs of obfuscation which could indicate an attempt to hide functionality, but it may also be used for legitimate purposes such as protecting intellectual property.
  • Credentials: No clear patterns indicating credential harvesting were found.
  • Metadata: High risk due to recent repository creation, low activity indicators, and single package maintainer history.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • /{env_id}" response = requests.get(spec_url, headers=headers) if response.status_code !
  • try: reg_response = requests.post(register_url, headers=reg_headers, json=payload) if
  • /{env_id}" response = requests.get(spec_url, headers=headers) if response.status_code =
  • try: response = requests.get(url, headers=headers) if response.status_code != 200
Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • al_rewards = [] model.eval() for ep in range(episodes): #
  • ot a function". model.eval() _onnx_export_kwargs = dict( export_par
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags: Repository created very recently: 4 day(s) ago (2026-06-02T06:40:52Z)

  • Repository created very recently: 4 day(s) ago (2026-06-02T06:40:52Z)
  • Repository has zero stars and zero forks
  • All 20 commits happened within 24 hours
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Agenlus Team" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agenlus-hub 
Create a mini-application named 'ModelMigrator' using Python that leverages the 'agenlus-hub' package to automate the process of uploading machine learning models to a cloud-based storage service provided by Agenlus. This application should serve as a user-friendly interface for developers and data scientists to easily manage their models without needing to manually interact with the Agenlus API.

The 'ModelMigrator' app should include the following functionalities:
1. **User Authentication:** Allow users to authenticate themselves using OAuth2 tokens or similar mechanisms supported by the Agenlus API.
2. **Model Upload:** Implement a feature where users can select a local file (model file, configuration files, etc.) and upload it to the Agenlus cloud storage.
3. **Progress Tracking:** Display real-time progress of the upload process, including estimated time remaining and percentage completion.
4. **Error Handling:** Gracefully handle errors during the upload process and provide meaningful error messages to the user.
5. **Model Management:** After successful upload, allow users to view a list of all uploaded models, delete specific models, and update existing ones if necessary.
6. **Documentation Generation:** Automatically generate documentation for each uploaded model based on its metadata, such as input/output formats, version information, etc.
7. **Integration with Other Tools:** Provide basic integration capabilities with popular CI/CD pipelines like Jenkins or GitHub Actions, allowing for automated model uploads during the deployment phase.

To utilize the 'agenlus-hub' package, you'll need to install it via pip and then use its functions to interact with the Agenlus model upload pipeline. Specifically, focus on using the package to authenticate users, initiate uploads, and manage the lifecycle of models within the cloud storage. Additionally, explore how the package handles different types of exceptions and errors to ensure robustness in your application.