AI Analysis
Final verdict: SUSPICIOUS
The package exhibits signs of obfuscation and lacks transparency regarding maintainership and repository access, raising concerns about its legitimacy and potential risks.
- High obfuscation risk due to base64 decoding
- Sparse maintainer information and inaccessible git repository
Per-check LLM notes
- Network: The use of httpx for making network requests is common and does not inherently suggest malicious activity unless the URL or behavior is suspicious.
- Shell: Executing shell commands can be risky if not properly sanitized or controlled, as it may lead to arbitrary code execution.
- Obfuscation: The presence of base64 decoding without clear justification suggests potential obfuscation or hiding of code/data.
- Credentials: No direct evidence of credential harvesting is present, but the behavior could be part of a larger pattern that isn't fully visible here.
- Metadata: The package has no suspicious links but the maintainer's information is sparse and the git repository is not accessible, raising concerns about its legitimacy.
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
httpx resp = httpx.get(self._http_url, timeout=10) resp.raise_for_sp("/") self._client = httpx.AsyncClient( base_url=self._base_url, timeout=ht
Code Obfuscation
score 4.0
Found 2 obfuscation pattern(s)
try: return base64.b64decode(self.content_base64) except Exception: r
try: return base64.b64decode(self.content) except Exception: return N
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
try: subprocess.run( [sys.executable, str(copy_docs_script)]
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: icloud.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 3.0
Repository not found (deleted or private)
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agent-framework-lib
Create a fully-functional mini-application named 'ConversationalAssistant' using the 'agent-framework-lib' Python package. This application will serve as a personal assistant capable of handling various tasks such as scheduling appointments, setting reminders, and providing weather updates based on user inputs through a conversational interface. The application should be built using FastAPI and should be accessible via a RESTful API.
Step-by-Step Guide:
1. Set up a virtual environment and install 'agent-framework-lib'.
2. Define the conversational flow and intents for the assistant using the provided framework functionalities.
3. Implement an endpoint for initiating conversations with the assistant.
4. Integrate calendar APIs (such as Google Calendar) for scheduling appointments and setting reminders.
5. Integrate a weather API (such as OpenWeatherMap) for fetching weather updates.
6. Design a simple frontend using a library like Streamlit to demonstrate interaction with the API endpoints.
7. Test the application thoroughly to ensure all functionalities work as expected.
8. Document the setup process, API endpoints, and usage examples.
Suggested Features:
- Multi-turn conversation support
- Contextual understanding of user requests
- Error handling for incorrect user inputs
- User authentication for personalized experiences
- Logging of user interactions for analytics purposes
Utilization of 'agent-framework-lib':
- Use the framework's conversational flow management capabilities to define how the assistant responds to different types of user queries.
- Leverage the FastAPI integration provided by the package to create RESTful API endpoints for initiating and managing conversations.
- Employ the package's natural language processing tools to improve the assistant's ability to understand and respond accurately to user inputs.