agent-sandbox-e2b

v0.0.4 suspicious
6.0
Medium Risk

agent-sandbox E2B SDK patch — one-line switch to use Agent Sandbox via the E2B Python SDK

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has low risks in terms of network and shell activities but exhibits signs of low maintainer activity and poor metadata quality, which raises concerns about its trustworthiness.

  • Low maintainer activity
  • Poor metadata quality
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires network functionality.
  • Shell: No shell execution detected, which is expected and indicates no immediate signs of malicious activity.
  • Metadata: The package shows signs of low maintainer activity and poor metadata quality, raising suspicion but not definitive proof of malice.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 6.0

Found 3 suspicious link(s) on the package page

  • Non-HTTPS external link: http://agent-sandbox-e2b-api.agentbox-system.svc.cluster.local`
  • Non-HTTPS external link: http://agent-sandbox-e2b-api.agentbox-system.svc.cluster.local
  • Non-HTTPS external link: http://agent-sandbox-e2b-api.my-namespace.svc.cluster.local
Git Repository History

Repository scitix/agent-sandbox appears legitimate

Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-sandbox-e2b 
Create a mini-application called 'SecureCodeRunner' that allows users to execute code snippets in a secure sandbox environment using the 'agent-sandbox-e2b' Python package. This application should provide a user-friendly interface where users can input their code, select the programming language (Python, JavaScript, etc.), and then run the code within a restricted environment. The application should ensure that no harmful actions, such as file system modifications or network operations, can be performed from the sandboxed execution. Additionally, include features like syntax highlighting for better readability, time limits for code execution to prevent infinite loops, and error reporting for debugging purposes. Utilize the 'agent-sandbox-e2b' package to set up and manage the sandbox environments efficiently. The final application should be deployable as a web service or a desktop application.