agent-matrix-lab v0.1.0

Verdict: suspicious
Risk score: 7.0 (High Risk)

Safety-first sandbox execution for agents, CI, and MCP tools — Python SDK and optional embedded runner.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package combines broad host-execution capability (several subprocess and network calls) with thin provenance signals (a single release, an author account with one package, a repository with no stars or forks). No evidence of malicious intent was found; the verdict reflects that this combination warrants a manual review of the subprocess call sites and of where the command arguments, environment and runner URL originate before the package is trusted in CI.

  • High shell risk: multiple subprocess invocations that execute external commands on the host
  • Metadata red flags: low community engagement and limited author activity
Per-check LLM notes
  • Network: The matched calls are a runner health check and a JSON request/response exchange with a configurable runner URL, which is consistent with the stated purpose (a client for a sandbox runner). Two of the six matches are not executable code: one is a docstring describing a persistent httpx.AsyncClient and one is a sample snippet inside a string literal.
  • Shell: The matched calls run external commands (a compose command, the matrixlab-inspect tool, an MCP server) through subprocess.run and subprocess.Popen. Every visible fragment passes argv as a list and none uses shell=True, so the exposure is host command execution with caller-supplied arguments and environment rather than shell injection through string interpolation; the thing to check is where cmd and env come from.
  • Obfuscation: Base64 decoding followed by zipfile handling is the ordinary way to carry an artifacts archive inside a JSON response and is not by itself a sign of obfuscation; the relevant check is whether archive member names are validated before extraction.
  • Credentials: No patterns indicative of credential harvesting were found.
  • Metadata: The package has a single release, its author has only one package on PyPI, and its repository has no stars or forks.

🔬 Heuristic Checks

Outbound Network Calls (score 9.0)

Found 6 network call pattern(s)

  • > bool: try: with urllib.request.urlopen(url, timeout=timeout_s) as resp: return
  • check") try: r = requests.get(f"{runner_url}/health", timeout=2.5) if r.ok:
  • ict[str, Any]: response = requests.post(f"{runner_url}{path}", json=payload, headers=_headers(), tim
  • ict[str, Any]: response = requests.get(f"{runner_url}{path}", headers=_headers(), timeout=timeout)
  • "import requests; print(requests.get('https://httpbin.org/status/200').status_code)" # JavaScr
  • evision): - Persistent global httpx.AsyncClient (no per-request connect overhead) - Explicit httpx.Timeout (r
Code Obfuscation (score 4.0)

Found 2 obfuscation pattern(s)

  • str) -> List[str]: raw = base64.b64decode(artifacts_zip_base64) with zipfile.ZipFile(io.BytesIO(ra
  • urn "" try: raw = base64.b64decode(artifacts_zip_base64) with zipfile.ZipFile(io.BytesI
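Decoding base64 and opening the result with zipfile, as in the two fragments above, is the usual way to receive an artifacts archive inside a JSON response; what decides whether it is safe is whether member names are validated before anything is written to disk. The following is an added example, not code from agent-matrix-lab or from the scanner, showing that check: an archive is refused if any member name is absolute, carries a drive letter or contains a '..' component, and extraction re-verifies the resolved path and bounds the total uncompressed size. The function names, the 50 MiB limit and the sample archives are assumptions made for this example.

```python
import base64
import io
import os
import tempfile
import zipfile
from typing import Dict, List


def is_safe_member(name: str) -> bool:
    """Reject member names that could escape the extraction directory.

    Zip member names use '/' as the separator, but some writers emit '\\' on
    Windows, so both are treated as separators. Absolute paths, drive letters
    and any '..' component are refused outright.
    """
    if not name or name.startswith(("/", "\\")):
        return False
    if len(name) > 1 and name[1] == ":":  # e.g. C:\... (Windows drive letter)
        return False
    parts = name.replace("\\", "/").split("/")
    return ".." not in parts


def list_artifacts(artifacts_zip_base64: str) -> List[str]:
    """Decode a base64 zip payload and return its member names.

    Raises ValueError for invalid base64 or for any member name that could
    traverse outside the destination directory.
    """
    raw = base64.b64decode(artifacts_zip_base64, validate=True)
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        names = zf.namelist()
    unsafe = [n for n in names if not is_safe_member(n)]
    if unsafe:
        raise ValueError(f"refusing archive with unsafe member names: {unsafe}")
    return names


def extract_artifacts(artifacts_zip_base64: str, dest: str,
                      max_total_bytes: int = 50 * 1024 * 1024) -> List[str]:
    """Extract into dest, refusing path traversal and oversized content (assumed 50 MiB cap)."""
    raw = base64.b64decode(artifacts_zip_base64, validate=True)
    dest_real = os.path.realpath(dest)
    written: List[str] = []
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        total = sum(info.file_size for info in zf.infolist())
        if total > max_total_bytes:
            raise ValueError(f"uncompressed size {total} exceeds limit {max_total_bytes}")
        for info in zf.infolist():
            if not is_safe_member(info.filename):
                raise ValueError(f"unsafe member name: {info.filename!r}")
            target = os.path.realpath(os.path.join(dest_real, info.filename))
            # Second, path-based check: the resolved target must stay under dest.
            if os.path.commonpath([dest_real, target]) != dest_real:
                raise ValueError(f"member resolves outside destination: {info.filename!r}")
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(info.filename)
    return written


def make_archive(members: Dict[str, bytes]) -> str:
    """Constructed test input: build an in-memory zip and return it base64-encoded."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)  # writestr keeps '../' names as-is
    return base64.b64encode(buf.getvalue()).decode("ascii")


def self_check() -> Dict[str, object]:
    """Run a benign archive and a traversal attempt and report what happened."""
    benign = make_archive({"out/result.txt": b"ok"})
    evil = make_archive({"../escape.txt": b"pwned"})
    result: Dict[str, object] = {"benign_names": list_artifacts(benign)}
    try:
        list_artifacts(evil)
        result["evil_rejected"] = False
    except ValueError:
        result["evil_rejected"] = True
    with tempfile.TemporaryDirectory() as d:
        result["written"] = extract_artifacts(benign, d)
        with open(os.path.join(d, "out", "result.txt"), "rb") as fh:
            result["content"] = fh.read()
    return result


if __name__ == "__main__":
    print(self_check())
```

The name check and the realpath check are deliberately both present: the first rejects obviously hostile names before any filesystem work, the second catches anything the normalisation missed (symlinked destinations, unusual separators). Using zf.open rather than zf.extract keeps the validation explicit instead of relying on the library's own sanitisation.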
Shell / Subprocess Execution (score 10.0)

Found 6 shell execution pattern(s)

  • .CompletedProcess: return subprocess.run(cmd, check=check, text=True, stdout=subprocess.PIPE, stderr=
  • COMPOSE_PROFILES']}") p = subprocess.run(cmd, env=env) if p.returncode != 0: raise System
  • mpose_cmd_base() + ["ps"] subprocess.run(cmd, check=False) def runner_healthcheck(runner_url: str)
  • ER_URL"] = runner_url p = subprocess.run(["matrixlab-inspect"], env=env) if p.returncode == 0:
  • xlab.mcp_server"] return subprocess.Popen( cmd, stdin=subprocess.PIPE, stdout=
  • )}", file=sys.stderr) p = subprocess.run(cmd) if check and p.returncode != 0: raise Runti
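The three pattern checks above count matched text, so a docstring or a sample snippet held in a string literal scores the same as a live call, and a list-form subprocess.run scores the same as one with shell=True. The following is an added example, not the scanner's or the package's code, that puts the text-count approach next to an AST-based one which counts only real call expressions and records shell=True. The call lists, the score weights and the sample source (constructed to mirror the shapes of the fragments above) are assumptions made for this example.

```python
import ast
import re
from dataclasses import dataclass
from typing import Dict, List

# Call names each heuristic looks for: an illustrative set, not the scanner's real lists.
NETWORK_CALLS = {"requests.get", "requests.post", "urllib.request.urlopen",
                 "httpx.get", "httpx.AsyncClient"}
SHELL_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
               "subprocess.check_output", "os.system"}
OBFUSCATION_CALLS = {"base64.b64decode", "zipfile.ZipFile", "exec", "eval"}
PATTERNS = {"network": NETWORK_CALLS, "shell": SHELL_CALLS, "obfuscation": OBFUSCATION_CALLS}


@dataclass
class Finding:
    category: str
    call: str
    line: int
    shell_true: bool = False


def _dotted_name(node: ast.AST) -> str:
    """Return 'pkg.attr.attr' for a Name/Attribute chain, or '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def grep_counts(source: str) -> Dict[str, int]:
    """Text matching: counts every occurrence, including docstrings and string literals."""
    return {
        cat: sum(len(re.findall(r"\b" + re.escape(p) + r"\b", source)) for p in pats)
        for cat, pats in PATTERNS.items()
    }


def ast_findings(source: str) -> List[Finding]:
    """AST matching: only real call expressions count, and shell=True is recorded."""
    findings: List[Finding] = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        for cat, pats in PATTERNS.items():
            if name in pats:
                shell_true = cat == "shell" and any(
                    kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True
                    for kw in node.keywords
                )
                findings.append(Finding(cat, name, node.lineno, shell_true))
    return findings


def summarize(source: str) -> Dict[str, object]:
    """Compare grep-style and AST-based counts and compute illustrative scores."""
    findings = ast_findings(source)
    ast_counts = {cat: sum(f.category == cat for f in findings) for cat in PATTERNS}
    shell_true = sum(f.shell_true for f in findings)
    # Weights are assumptions for this example, not the report's scoring formula.
    scores = {
        "network": min(10.0, 1.5 * ast_counts["network"]),
        "shell": min(10.0, 2.0 * ast_counts["shell"] + 4.0 * shell_true),
        "obfuscation": min(10.0, 2.0 * ast_counts["obfuscation"]),
    }
    return {"grep": grep_counts(source), "ast": ast_counts,
            "shell_true": shell_true, "scores": scores, "findings": findings}


# Constructed sample modelled on the fragment shapes in the report; not the package's code.
SAMPLE = '''
"""Runner client.

Design notes (this revision):
- Persistent global httpx.AsyncClient (no per-request connect overhead)
"""
import base64, io, subprocess, zipfile, requests

EXAMPLE = "import requests; print(requests.get('https://httpbin.org/status/200').status_code)"

def runner_healthcheck(runner_url):
    r = requests.get(f"{runner_url}/health", timeout=2.5)
    return r.ok

def post_json(runner_url, path, payload):
    return requests.post(f"{runner_url}{path}", json=payload, timeout=10).json()

def compose_ps(cmd):
    return subprocess.run(cmd + ["ps"], check=False)

def start_mcp(cmd):
    return subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE)

def list_artifacts(b64):
    raw = base64.b64decode(b64)
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        return zf.namelist()
'''

if __name__ == "__main__":
    report = summarize(SAMPLE)
    for key in ("grep", "ast", "shell_true", "scores"):
        print(key, report[key])
```

On the constructed sample the text count reports four network hits where the AST finds two live calls; the docstring mention of httpx.AsyncClient and the requests.get inside the EXAMPLE string literal account for the difference. The AST pass also distinguishes a list-form subprocess.run (no shell) from one called with shell=True, which is the distinction the flat score of 10.0 above cannot make.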
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ruslanmv.com

Suspicious Page Links

All external links appear legitimate

Git Repository History (score 2.5)

1 git history flag found

  • Repository has zero stars and zero forks
Maintainer History (score 6.0)

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-matrix-lab
Create a mini-application called 'AgentGuard' which serves as a safety-first environment for running and testing Python scripts in a controlled manner. This application will utilize the 'agent-matrix-lab' package to ensure that any executed code does not pose a risk to the host system. The goal is to provide developers with a tool that allows them to run untrusted or experimental Python code without fear of causing harm to their development environment.

Step 1: Set up the initial project structure including necessary imports from the 'agent-matrix-lab' package.
Step 2: Design a user interface where users can input Python code snippets or upload Python files.
Step 3: Implement functionality within 'AgentGuard' that utilizes 'agent-matrix-lab' to safely execute the provided code within a sandboxed environment.
Step 4: Add logging capabilities to track the execution results and any errors encountered during the sandboxed runs.
Step 5: Include a feature that allows users to specify certain constraints or permissions for the sandboxed environment, such as restricting file access or network connections.
Step 6: Develop a reporting module that summarizes the outcome of the executed code, including any outputs, logs, or error messages.

Suggested Features:
- Support for real-time code editing and immediate feedback on execution results.
- Option to save and load previous code executions for review.
- Integration with popular version control systems like Git for tracking changes in tested code.
- Ability to configure different levels of security settings based on user preferences or project requirements.

Utilizing 'agent-matrix-lab':
- Use 'agent-matrix-lab' to create isolated execution environments ('agents') in which each piece of code is run.
- Rely on the package's sandboxing to keep potentially harmful actions from affecting the host machine, and verify in its documentation which isolation boundaries (filesystem, network, process) the sandbox actually enforces before depending on them.
- Capture execution results and errors through whatever result-reporting interface the package's SDK exposes, checked against its documentation rather than assumed, and add your own logging around it.