AI Analysis
Final verdict: SAFE
The package is assessed as safe due to low risks associated with obfuscation and credential harvesting. However, the metadata risk is moderately high due to insecure links and limited maintainer activity.
- Low obfuscation risk
- Low credential risk
- Moderate metadata risk
Per-check LLM notes
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package contains non-secure links and the maintainer seems new with limited activity.
Heuristic Checks
Outbound Network Calls
score 1.5
Found 1 network call pattern(s)
try: async with httpx.AsyncClient(timeout=timeout) as client: if method == "GE
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
ersion_command() result = subprocess.run( ["bash", "-lc", command], capture_output=Tr
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
score 4.0
Found 2 suspicious link(s) on the package page
Non-HTTPS external link: http://127.0.0.1:8899/health
Non-HTTPS external link: http://127.0.0.1:8899/verify
Git Repository History
score 2.5
Git history flags: Repository has zero stars and zero forks
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Lewis-404" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agent-ci-verify
Create a mini-application named 'AIOutputVerifier' that leverages the 'agent-ci-verify' Python package to ensure the quality and integrity of AI-generated content within a continuous integration/continuous deployment (CI/CD) pipeline. This application will serve as a robust tool for developers and QA engineers to validate the outputs from AI agents against predefined criteria before deploying them to production environments. The app should include the following functionalities:
1. **Fact Checking**: Implement a feature that uses 'agent-ci-verify' to automatically cross-reference AI-generated text with factual databases or APIs to ensure the accuracy of the information provided.
2. **Schema Validation**: Develop a mechanism within the app that allows users to define data schemas for expected AI output formats. Use 'agent-ci-verify' to validate if the AI-generated content conforms to these schemas.
3. **Diff Verification**: Incorporate a feature that compares the current version of AI-generated content with previous versions, highlighting any discrepancies. Utilize 'agent-ci-verify' for this comparison to identify changes that might indicate errors or improvements.
4. **Customizable Reports**: Enable the generation of detailed reports summarizing the results of each verification process. These reports should be customizable, allowing users to select which types of checks (fact, schema, diff) they want included in the report.
5. **Integration with CI/CD Tools**: Ensure that 'AIOutputVerifier' can be easily integrated into popular CI/CD platforms like Jenkins, GitHub Actions, or GitLab CI. This integration should allow the app to automatically run its checks at specific stages of the pipeline.
6. **User-Friendly Interface**: Design a simple and intuitive command-line interface for interacting with the application, making it accessible even for non-technical team members.
The project should demonstrate proficiency in utilizing the 'agent-ci-verify' package to enhance the reliability and consistency of AI-generated content in software development workflows.