🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low individual risks across network, shell, obfuscation, and credential aspects. However, the metadata risk score is elevated due to its recent creation and limited maintainer activity, making it suspicious.

Metadata risk score of 5 out of 10
Limited maintainer activity

Per-check LLM notes

Network: No network calls detected, which is normal unless the package requires external services.
Shell: No shell execution detected, indicating the package does not perform any system command executions.
Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: The package is newly created with limited activity and the maintainer has few packages, raising some suspicion but not conclusive evidence of malintent.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Package is very new: uploaded 2 day(s) ago
Author "Harel Asaf" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-ready-cli

Create a Python-based desktop application named 'AgentReadyInspector' that leverages the 'agent-ready-cli' package to assess the readiness of any given GitHub repository for integration with AI coding assistants like Claude Code, Cursor, Copilot, and Codex. This application should provide a user-friendly interface where users can input a GitHub repository URL and receive a comprehensive report on the repository's compatibility with AI coding tools.

Key Features:
1. User Interface: Develop a simple yet intuitive GUI using Tkinter or PyQt5 that allows users to enter a GitHub repository URL and start the analysis.
2. Repository Validation: Before running the analysis, the app should validate the entered URL to ensure it points to a valid GitHub repository.
3. Integration with 'agent-ready-cli': Utilize the 'agent-ready-cli' package to perform the assessment. Ensure the app handles any exceptions or errors gracefully and provides clear feedback to the user.
4. Detailed Report Generation: After the analysis is complete, the app should generate a detailed report highlighting aspects such as code quality, documentation, test coverage, and overall readiness score. This report should be presented in an easy-to-understand format within the app's interface.
5. Export Functionality: Users should have the option to export the generated report as a PDF or HTML file for record-keeping purposes.
6. Real-time Progress Updates: During the analysis phase, the app should display real-time progress updates to keep the user informed about the ongoing process.
7. Error Handling: Implement robust error handling mechanisms to manage issues like network failures, invalid URLs, or problems encountered during the execution of the 'agent-ready-cli' commands.
8. Customizable Settings: Allow users to customize certain settings, such as the threshold values for determining readiness scores, directly from the app's interface.

The goal is to create a tool that not only leverages the power of 'agent-ready-cli' but also enhances its usability through a user-friendly interface and additional functionalities.