agent-chat-gateway

v0.4.0 safe
4.0
Medium Risk

Daemon that bridges chat platforms (Rocket.Chat and more) to AI agent backends (Claude, OpenCode)

πŸ€– AI Analysis

Final verdict: SAFE

The package shows low risks across all categories except for shell and network risks, which are moderately high but do not strongly suggest malicious intent. The lack of obfuscation and credential risks further supports its safety.

  • Moderate network and shell risks due to potential external service interactions and command executions.
  • Low obfuscation and credential risks.
Per-check LLM notes
  • Network: The network calls are likely for making HTTP requests to external services which might be part of the package's intended functionality.
  • Shell: Executing shell commands could be legitimate if the package is designed for tasks like updating dependencies or interacting with version control systems, but it also introduces risks such as unintended command execution.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • : int = 12) -> str: req = urllib.request.Request(url, headers={"User-Agent": _UA}) with urllib.re
  • {"User-Agent": _UA}) with urllib.request.urlopen(req, timeout=timeout) as resp: return resp.r
  • se_url self._client = httpx.AsyncClient(base_url=base_url, timeout=self.timeout) self._ever_
  • ne = None async with httpx.AsyncClient(timeout=2.0) as client: while asyncio.get_runnin
  • y: async with httpx.AsyncClient( # TCP-level connect timeout is intentio
  • self._reply_client = httpx.AsyncClient(timeout=10.0) self._sse_task = asyncio.create_task(
βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 10.0

Found 5 shell execution pattern(s)

  • try: result = subprocess.run( [cmd, "--version"], capture
  • repo_path} ...") result = subprocess.run( ["git", "-C", str(repo_path), "pull"], chec
  • ync[/bold] ...") result = subprocess.run( [uv, "sync"], cwd=str(repo_path), c
  • way[/bold] ...") result = subprocess.run( [sys.executable, "-m", "pip", "install", "--upgrade
  • /bold] ...") result = subprocess.run( ["brew", "upgrade", "agent-chat-gateway"],
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

No author email provided

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository HammerMei/agent-chat-gateway appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "HammerMei" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with agent-chat-gateway 
Create a real-time conversational AI assistant named 'ChatBuddy' that integrates seamlessly with Rocket.Chat and leverages Claude as its AI backend through the 'agent-chat-gateway' package. Your task is to develop a fully-functional mini-application that allows users to interact with Claude via Rocket.Chat without leaving their chat interface. Here’s a detailed guide on how to achieve this:

1. **Setup Environment**: Begin by setting up your development environment. Ensure you have Python installed along with the 'agent-chat-gateway' package. Use pip to install the package if it's not already installed.

2. **Project Structure**: Define the structure of your project. Include directories for configuration files, logs, and any additional scripts or utilities you might need.

3. **Configuration File**: Create a configuration file where you will specify settings such as Rocket.Chat server URL, API keys, and details related to connecting with Claude. This file should be easily modifiable without altering the codebase.

4. **Integration with Rocket.Chat**: Utilize the 'agent-chat-gateway' package to establish a connection between Rocket.Chat and your application. This involves setting up listeners for incoming messages and mechanisms to send responses back to Rocket.Chat.

5. **AI Backend Connection**: Configure the connection to Claude using the 'agent-chat-gateway'. This requires understanding how to pass messages from Rocket.Chat to Claude and vice versa.

6. **Message Handling**: Implement logic to handle messages coming from Rocket.Chat. This includes preprocessing the message (e.g., cleaning text), sending it to Claude, and then processing Claude's response before sending it back to Rocket.Chat.

7. **Error Handling & Logging**: Ensure your application can gracefully handle errors, such as network issues or invalid inputs, and log these events for debugging purposes.

8. **User Interface Enhancements**: Optionally, enhance the user experience by adding features like message history persistence, context-aware responses, or even integrating a simple UI for managing conversations.

9. **Testing**: Thoroughly test your application in different scenarios to ensure reliability and efficiency.

10. **Documentation**: Finally, document your setup process, including how to install dependencies, configure the application, and run it successfully.

By following these steps, you'll create a powerful tool that brings the convenience of conversational AI directly into Rocket.Chat, enhancing collaboration and productivity.